cfsd - cryptographic file system daemon
cfsd is the user-level daemon for the Cryptographic File System (CFS). It
is essentially an RPC server for the NFS protocol augmented with the CFS_ADMIN
protocol. It listens on the CFS port (ordinarily port 3049) on the
The main function of cfsd is to manage the keys for
currently attached encrypted directories, presenting them in clear form
under the CFS mount point (typically "/crypt").
cfsd should ordinarily be invoked at boot time from
/usr/local/etc/rc.d/cfsd.sh The rc file should also start mountd(8)
daemon with least one file system exported to localhost; note that cfsd
itself does not handle the mount protocol. Once a mountd is running, the
mount(8) command should be invoked to mount the exported file system from
the localhost interface with port=3049.
- starts cfsd (from /etc/rc)
- /sbin/mount -o port=3049,intr,nfsv2 localhost:/ /crypt
- mounts cfs on /crypt (in /etc/rc)
cattach(1), cdetach(1), mountd(8), mount(8)
cfsd is single threaded, which means it doesn't handle lots of
simultanious operations very well. In particular, it is not possible to
recursively attach encrypted directories, since that would lead to a deadlock.
Matt Blaze; for information on cfs, email to firstname.lastname@example.org.
- cfs mount point
- exported file systems