| 1 |
On Saturday, 4 July 2020 04:49:07 BST Francesco Turco wrote: |
| 2 |
> On Sat, Jul 4, 2020, at 04:23, Dale wrote: |
| 3 |
> > Now that I have a spare drive, I want to encrypt it and have a mount |
| 4 |
> > point for it, /home/dale/documents for example. What I'd like to do, |
| 5 |
> > when I login in, it asks me for the encryption password and then mounts |
| 6 |
> > it. When I log out, it reverses. I'm not doing all of /home because I |
| 7 |
> > want to separate some info. I may do it later. |
| 8 |
> I would use LUKS (warning: all data on the spare drive will be lost): |
| 9 |
> 0. Partition the spare drive: parted /dev/sdx |
| 10 |
> 1. Format the drive's partition with LUKS: cryptsetup luksFormat /dev/sdxn |
| 11 |
> 2. Decrypt the LUKS partition: cryptsetup luksOpen /dev/sdxn documents |
| 12 |
> 3. Create a filesystem on the decrypted partition: mke2fs -t ext4 -m 0 |
| 13 |
> /dev/mapper/documents 4. Add the new filesystem to /etc/fstab (use the UUID |
| 14 |
> for easier matching) 5. Mount the filesystem: mount /home/dale/documents |
| 15 |
> |
| 16 |
> In order to close the filesystem, you need the following steps: |
| 17 |
> 1. Unmount the filesystem: umount /home/dale/documents |
| 18 |
> 2. Lock the LUKS partition: cryptsetup luksClose documents |
| 19 |
> |
| 20 |
> Since you use KDE you may try Vault instead, but I haven't tested that |
| 21 |
> personally. |
| 22 |
|
| 23 |
As I understand it the KDE Vaults is a filesystem-level encryption scheme, |
| 24 |
using CryFS or EncFS, one of which has had no independent security audit and |
| 25 |
the other which has had a number of security weaknesses reported. Either way, |
| 26 |
they can be used to encrypt directories or individual files and are |
| 27 |
potentially useful for storing your encrypted data on the cloud - should you |
| 28 |
want to store your *private* and potentially precious data on someone else's |
| 29 |
computers. o_O |
Archives