Giordano,
I looked at the CRYPTSETUP and LUKS for Linux and found it lacking your specific requirements. I was trying to find what I actually used a few years ago. I believe it was Matt Blaze's
CFS, described here by Linux Journal (free subscription required)
Using CFS, the Cryptographic Filesystem.
CFS does not guarantee that root cannot get access to the files. However, it can make it very difficult on hardenened systems where even root cannot access /proc/$$/mem. For more info, see the last paragraph on page 4 of
Matt's paper.
Here are quite a few other possibilities:
http://www.usenix.org/events/usenix0...tml/index.html
I leave you with some other links that might be relevant:
Download TCFS 3.0b2 for Linux
I believe the risk here is that a root user, who exists on the host where your filesystem is mounted, can "su " to the user that has already entered
CryptFS, whose original authors describe their work here:
Cryptfs: A Stackable Vnode Level Encryption File System
And I think is downloadable here:
Download DM CryptFS 0.3.2 for Linux
Also note
Download cryptmount 3.1 for Linux which contains the following description:
Quote:
After the initial configuration of the encrypted filesystem, an ordinary user can mount and unmount the filesystem on demand, solely by providing the decryption password.