43
External drive encryption question
(kbin.social)
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
VeraCrypt is the only company I use when it comes to encrypting external drives. Depending on what distro you use, you'll just have to select the proper file format. Aside from that, maybe encrypt 90% of the drive so there's some space for a few things which you can access without mounting the drive. When you go through the setup in VeraCrypt, it directly asks if the drive will be used with one or different systems, so they got you covered there. You can also find many video walk throughs online to follow along with as well.
cryptsetup
I'm still a bit confused with veracrypt... The docs make it sounds like vc use its own format.
Can the drive be prepared with LUKS and then decrypt in windows with veracrypt? If not, I might just use bitlocker until I drop windows.
If things are still the same from ~ June of 2022 then you have a choice between none, Linux Ext2, Linux Ext3, Linux Ext4, and NTFS.
Edit: VeraCrypt utilizes a unique encryption process. Its easy as you just move the mouse around like you went mad, but this produces a highly secure encryption key too. As long as your distro works with NTFS then it seems VeraCrypt can assist to help you encrypt. Otherwise, when Windows is a VM it only can do what Linux allows it to do lol
I try not to mess with my my current windows desktop setup too much if I don't have to (mission critical). It's not on VM.
Would love to do it with LUKS/EXT4 if possible but it's not supported on windows (am I correct?)
If I use VC then I have to install it on both win and linux and also any additional machine I intend to decrypt with, that's quite unwieldy compare to LUKS. I also have lobotomized my current install to cripple spying and broke it to the point it can not update to support wsl.
Seems like bitlocker is a proper solution for the moment. Or just do two partitions (maybe two drives), encrypt one with LUKS, wipe everything unencrypted when done using it.
It's quite an easy program to install and it's also cross platform. The fact drives need the softwarenon aNY PC trying to gain access seems like a feature to me. Maybe if you wanted to copy something from the encrypted drive to a friends computer, only then would it be somewhat of a nuisance. But this all ties into me recommending to leave some portion of the hard drive alone. You'd be able to access anything not in VC's space anywhere, while it's also a breeze to download and install VC too.
Just a note: you can open Bitlocker encrypted drives on Linux, some distros (e.g. Mint and Fedora) have support for it out of the box that works via GUI file manager, I think it uses Dislocker under the hood