Welcome to the Linux Foundation Forum!

Storage media encryption

Hello community.

I have recently wanted to encrypt entire storage mediums such as external hardrives and flash memory devices. For example it would be ideal to have the option to encrypt the whole filesystem, as well as flash drives. If you have any ideas for the methods and applications that encrypt devices such as flashdrives please list some of them. The particular distro of Linux I am using is Ubuntu 9.10

Im sure the answer to my question will be simple and useful to others. Try to also state in your replies applications that use more advanced encryption algorithms then others, and also it may help to tell us which one you feel is best and why.

Comments

  • mfillpot
    mfillpot Posts: 2,177
    I use cyptsetup, this product is command line based, but it offers multiple algorithms and allows you to set the strength of the encryption. I wrote a guide to using it to setup encrypted virtual partitions at http://www.linux.com/community/blogs/linux-security-tip-of-the-day-buildingusing-encrypted-virtual-partitions.html.

    To use it for standard partition encryption you can follow the Slackware encryption guide at http://slackware.osuosl.org/slackware64-current/README_CRYPT.TXT.

    As I stated before I prefer CLI over GUI interfaces, so others may point you towards GUI based applications that can perform similar functions.
  • gomer
    gomer Posts: 158
    This app is popular in both Linux and Windows:
    http://www.truecrypt.org
    It offers strong encryption as well as a file system within a file system for plausible deniability.

    For me, I just use the loop file system to mount a file from within another file system and create a crypto loop file system inside the file and then protect is with a .gpg key.
  • This app is popular in both Linux and Windows:
    www.truecrypt.org

    Yes, there is truecrypt which is a good GUI tool, but you really need to learn about GPG or GNUGP if you want to master encryption.
  • mfillpot
    mfillpot Posts: 2,177
    I just checked out truecrypt, it looks like it is a GUI interface to the LUKS encryption that is is used in the documents I noted above.
  • Actually your documents are 404 man...sorry. What I was saying is that one needs to learn command line before GUI. TrueCrypt is a good tool and really great for automating things, but if you don't understand how it works then your not really that secure.
  • mfillpot
    mfillpot Posts: 2,177
    altNull wrote:
    Actually your documents are 404 man...sorry. What I was saying is that one needs to learn command line before GUI. TrueCrypt is a good tool and really great for automating things, but if you don't understand how it works then your not really that secure.

    Did I miss something, did he setup an encrypted volume and forget the password?
  • I actually used truecrypt in windows before I switched to Linux. I think the GUI offers enough security options without having to know how it actually works or command line stuff. I think a fair knowledge of what encryption is and the different kinds, will suite the average user in deciding on security options.

Categories

Upcoming Training