1 |
On Saturday, 4 July 2020 04:49:07 BST Francesco Turco wrote: |
2 |
> On Sat, Jul 4, 2020, at 04:23, Dale wrote: |
3 |
> > Now that I have a spare drive, I want to encrypt it and have a mount |
4 |
> > point for it, /home/dale/documents for example. What I'd like to do, |
5 |
> > when I login in, it asks me for the encryption password and then mounts |
6 |
> > it. When I log out, it reverses. I'm not doing all of /home because I |
7 |
> > want to separate some info. I may do it later. |
8 |
> I would use LUKS (warning: all data on the spare drive will be lost): |
9 |
> 0. Partition the spare drive: parted /dev/sdx |
10 |
> 1. Format the drive's partition with LUKS: cryptsetup luksFormat /dev/sdxn |
11 |
> 2. Decrypt the LUKS partition: cryptsetup luksOpen /dev/sdxn documents |
12 |
> 3. Create a filesystem on the decrypted partition: mke2fs -t ext4 -m 0 |
13 |
> /dev/mapper/documents 4. Add the new filesystem to /etc/fstab (use the UUID |
14 |
> for easier matching) 5. Mount the filesystem: mount /home/dale/documents |
15 |
> |
16 |
> In order to close the filesystem, you need the following steps: |
17 |
> 1. Unmount the filesystem: umount /home/dale/documents |
18 |
> 2. Lock the LUKS partition: cryptsetup luksClose documents |
19 |
> |
20 |
> Since you use KDE you may try Vault instead, but I haven't tested that |
21 |
> personally. |
22 |
|
23 |
As I understand it the KDE Vaults is a filesystem-level encryption scheme, |
24 |
using CryFS or EncFS, one of which has had no independent security audit and |
25 |
the other which has had a number of security weaknesses reported. Either way, |
26 |
they can be used to encrypt directories or individual files and are |
27 |
potentially useful for storing your encrypted data on the cloud - should you |
28 |
want to store your *private* and potentially precious data on someone else's |
29 |
computers. o_O |