NOTE TO computerconsultantsforum.com and forums.techcareerfubar.com USERS: This is the same site. Your login will work here. Use the "forgot password" function if you need help recovering your password.

Obvious fact: You're not logged in.

Therefore, you're only seeing the tip of the iceberg of great discussion threads on this site.

Get rid of this big black message box by joining here: http://mature-it.pro/register/

Who We Are: A collection of IT, engineering and sciences professionals, in a variety of current circumstances with a variety of career backgrounds. Including System admins, Developers and programmers, Freelancers and "gig" entrepreneurs, Contract, job shopping and FTE-employed contract house IT workers, Web developers, Inventors, and artists and writers with tech backgrounds.

We're smarter than the hive mind you've experienced on large tech discussion forums and groups. So register on the board - your email is NEVER sold or provided to third parties. Then LOGIN FREQUENTLY to see new stuff daily.

Join by Registering here: http://mature-it.pro/register/

Author Topic: Why Cryptkeeper in Linux is a Great Choice for Encryption  (Read 369 times)

The Gorn

  • I absolutely DESPISE improvised sulfur-charcoal-salt peter cannons made out of hollow tree branches filled with diamonds as projectiles.
  • Trusted Member
  • Wise Sage
  • ******
  • Posts: 22596
  • Gorn Classic, user of Gornix
Why Cryptkeeper in Linux is a Great Choice for Encryption
« on: March 18, 2018, 05:58:46 pm »
A few months ago, I was asked in a thread:

> Encryption -- just check the default when you install and you're done (why CryptKeeper?)

The user meant check the encryption for the hard drive.

I don't think encryption for the hard drive is necessary or desirable. But there is always a need to cloak personal, financial and business files.

Also, I want to make that decision of what and how much to encrypt on the fly, not dedicate a fixed portion of the drive to an encrypted partition.

Cryptkeeper is a Linux system utility (with user interface accessories) for creating and mounting an encrypted virtual folder, say to your /home directory.

The programs Veracrypt and Truecrypt (discontinued but available in old versions) are available for Linux.

These programs, along with "rsync", are responsible for causing my PC to reboot or stop/power off for no good reason.  I have heard of something called a "kernel panic" which forces an OS shutdown. I am guessing these apps cause such a kernel panic even though they are user mode programs.

Rsync will quite often crash my system if I attempt to do a task kill of an rscync process (I ran into this a lot when debugging rogue backup processes.)

When Veracrypt has a drive mounted, my system can crash at any time when accessing that mounted volume.

Cryptkeeper has an entirely different method for mapping a file system compared to the usual encryption tools. This different method ensures the safety of the stored data. And, oh, I haven't had one crash attributable to Cryptkeeper.

In Veracrypt, you have one large file system file that contains the entire encrypted volume. Corrupt that file and you may lose the entire volume.

In Cryptkeeper, if you create an encrypted volume called, say, /home/fred -

The software creates a parallel hidden folder named .fred_encfs

When you mount /home/fred, every file you then create and work with is saved to an encrypted file with an encrypted name within the .xxxx_encfs folder. Folders and subdirectories are created in parallel within the encrypted file space directory, again with encrypted individual names.

It looks like this:



The important thing here is that only individual stored files, not all of the files, are subject to loss.

Also it's more efficient for backup/restore: a backup or restore can operate just on changed files, not by literally re-saving an entire encrypted volume that has changed.
« Last Edit: March 18, 2018, 06:54:51 pm by The Gorn »
Gornix is protected by the GPL. *

* Gorn Public License. Duplication by inferior sentient species prohibited.

benali72

  • CCF Winner's Circle - Supporter
  • Wise Sage
  • *
  • Posts: 2721
Re: Why Cryptkeeper in Linux is a Great Choice for Encryption
« Reply #1 on: March 19, 2018, 07:11:07 pm »
Wow, great information. Thanks for sharing your hard-won experience.

Yeah, I think if you check Encrypt when you install linux, it only encrypts your Home folder using encryptfs. Not much flexibility.

As you show, Cryptkeeper has some really important benefits.  Thanks again, I'm filing this in my LEARNING_KEY_STUFF folder.

The Gorn

  • I absolutely DESPISE improvised sulfur-charcoal-salt peter cannons made out of hollow tree branches filled with diamonds as projectiles.
  • Trusted Member
  • Wise Sage
  • ******
  • Posts: 22596
  • Gorn Classic, user of Gornix
Re: Why Cryptkeeper in Linux is a Great Choice for Encryption
« Reply #2 on: March 19, 2018, 08:16:01 pm »
On the other hand, I've read anecdotally that the encryption used in Cryptkeeper is much weaker than the accepted state of the art.  I don't know about that. My gut feeling is that Cryptkeeper would be completely safe for storing tax and financial and personal records and other stuff.

But I like it because in addition to stability Cryptkeeper appears to be a well integrated part of the file system. The folder containing the virtual encrypted folder is under /home/someuser. When not in use (not mounted) this folder isn't available.

To use the encrypted volume you first run the command "cryptkeeper" which displays a key icon on one of the desktop panels. When you click that key you get a small dialog prompting you for the password. When you enter the correct password the volume is automatically mounted.

The authors planned for the base encrypted files to be backed up, restored, and manipulated as objects in their own right as necessary. Cryptkeeper has an import function to import another installation's encrypted files into storage on the computer.
Gornix is protected by the GPL. *

* Gorn Public License. Duplication by inferior sentient species prohibited.

Richardk

  • Global Moderator
  • Wise Sage
  • *****
  • Posts: 4226
Re: Why Cryptkeeper in Linux is a Great Choice for Encryption
« Reply #3 on: April 29, 2018, 04:50:08 pm »
I never considered a crash in Linux with an encrypted drive being open. What about in Windows? Do you still use Veracrypt or switched to something like Axcrypt, which I believe also uses individual files instead of one large file in Windows?

The easy backups and crashing one file vs the entire volume is a huge factor but again, how big is the volume and how often does it crash? Also I've never compared the two either.

benali72

  • CCF Winner's Circle - Supporter
  • Wise Sage
  • *
  • Posts: 2721
Re: Why Cryptkeeper in Linux is a Great Choice for Encryption
« Reply #4 on: April 29, 2018, 05:55:30 pm »
I never considered a crash in Linux with an encrypted drive being open.

I use linux with the default encryption (encryptfs) on the home folder. As far as I can tell, when crashes occur using encryptfs, they are treated just like automatic recovery from an ext4 filesystem. I've never lost anything over a decade of use. IOW, it appears that encryptfs works just like any modern journaled filesystem.

The Gorn

  • I absolutely DESPISE improvised sulfur-charcoal-salt peter cannons made out of hollow tree branches filled with diamonds as projectiles.
  • Trusted Member
  • Wise Sage
  • ******
  • Posts: 22596
  • Gorn Classic, user of Gornix
Re: Why Cryptkeeper in Linux is a Great Choice for Encryption
« Reply #5 on: April 29, 2018, 06:10:12 pm »
I'm positive that something like Cryptkeeper isn't intended as an encrypted file system suitable for the entire OS or all user home directories. It's a lightweight and stable alternative to Veracrypt/Truecrypt which are unstable on my system.  I'd use Cryptkeeper to store a few GB of files... not hundreds of GB.
Gornix is protected by the GPL. *

* Gorn Public License. Duplication by inferior sentient species prohibited.

unix

  • Trusted Member
  • Wise Sage
  • ******
  • Posts: 4217
Re: Why Cryptkeeper in Linux is a Great Choice for Encryption
« Reply #6 on: November 04, 2018, 07:06:29 pm »
bump

useful info here
Brawndo. It's got what plants crave.