![]() Veracrypt or Truecrypt would probably work on “whole device too”, but I haven’t used it on this scale - so I can’t really comment. If I was “in your shoes” - I’ve be investigating the purchase of at least 1 TB of storage - and - before copying ANYTHING to it - encrypt it using some “open source” product (like VeraCrypt - you can get binaries for Wintel, Mac, Linux, ARM et cetera) - then maybe make the VeraCrypt “crypt” fat32, NTFS or exFAT, so you can read it on other “non-Linux” computers more 's confirmed this - e.g. it uses idle time to do its stuff - so it doesn’t slow you down)… with AES encryption on ZFS - it’s only “busy” when you’re not (i.e. ![]() Yes, but not sure how much ZFS applies to stuff like VeraCrypt. That said, I would generally recommend Cryptomator over VeraCrypt in such situations, as the original goal of this thread was to find a way to “encrypt a folder”, which Cryptomator is way closer to. VeraCrypt bumps it up to Level 9, by bringing additional expert features and possible complications in, that someone who just wants an “encrypted folder” usually wouldn’t care much about. Cryptomator is pretty minimalistic, straight-forward, easy to use and easy to understand. I use both Cryptomator and VeraCrypt regularly. Coincidentally, I use a 300GB VeraCrypt volume with fixed length. But I definitely hat to put more work and thought into getting this volume running than the Cryptomator folders I have. To the “OP” - this is a great topic, I’m learning stuff here too - going to check out that product suggested : Cryptomator… Imagine your USB drive with some compromising details falls out of your pocket at a trainstation and some unscrupulous person finds it? 0700 is hardly going to stop them… VeraCrypt delivers, then I would prefer recommending Cryptomator.Īll I really want is that the documents are encrypted and easily decryptedĠ700 attribute doesn’t really cover this requirement… you could make a subfolder in there with 0700 and then have all the files in there 0600 - but - they’re still not encrypted and root (or UID of the “owner”) can run a simple find, and find them : If someone just wants to simply encrypt a folder, without all the bells and whistles e.g. I checked Cryptomator out - it’s so easy - just don’t forget your passphrase - but - it does present you with a rescue solution… In your case - I’d suggest Cryptomator… I just checked it out with a folder I keep on one of my ResilioSync “shares”… Using CryptoMator, I can access the contents from Mac, Linux desktop - but if I try to look at the same folder from “elsewhere” (e.g. Raspberry Pi without CryptoMator [apparently there’s a CLI only arm client[) what I can see - isn’t quite “garbage” - but it’s definitely NOT the data I encryped… If I want to see that data - I need the CryptoMator client running and it mounts my Crypt in ~/.I have moved on to a plaintext lifestyle that isn't tied to any tooling.
0 Comments
Leave a Reply. |