Encryption for Repositories in CentOS

Product version: 10.6

Last modified: 19 July 2022

Problem

Backup repository encryption for a repository located in a CentOS 7 or newer machine does not work.

Background

NAKIVO Backup & Replication uses ecryptfs and cryptsetup to encrypt backup repository data. As of CentOS 7, ecryptfs is not automatically included in the operating system. As a result, you need to install this kernel manually.

Solution

CentOS 7

To configure the ecryptfs kernel in CentOS 7, first install ecryptfs-utils by running the following command.

yum install -y ecryptfs-utils

Then, install the kernel module for ecryptfs by running the following command (in this case, from ELRepo).

rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

yum install -y https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm

yum install -y kmod-ecryptfs

CentOS 8

To install the ecryptfs kernel in CentOS 8, run the following command.

sudo yum install epel-release

sudo yum install ecryptfs-utils