this post was submitted on 02 Dec 2023
30 points (91.7% liked)
Linux
48220 readers
724 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You have a few options.
My preferred way is to create an encrypted disk image using LUKS, backed by a sparse file. Sparse means that, while you'll still need to specify a size for the encrypted volume, it won't actually use the space on the underlying disk until you use the space on the encrypted volume. You could even make the encrypted volume bigger than your physical disk (though of course you'd get an error if you tried to actually use that extra space).
There are a few ways to setup a LUKS container; if you want to learn how to do it manually, this howto i just found looks like a good overview of the steps (though I wouldn't recommend doing its final Setup auto mount section).
These days, you can also create a LUKS volume on a sparse file entirely using a GUI such as the GNOME Disks program. Using it, just click the hamburger menu and select "New Disk Image" and then with your new disk image selected click the gears menu and "Format Partition" and there should be a checkbox for LUKS on that screen. If you leave "Erase" turned off (which is the default), then the backing file will be sparse.
One downside to the sparse disk image approach is that when you delete files from the encrypted volume you will not regain that space on the outer disk automatically. It is possible to, but requires work to do so which I won't try to document here.
Another approach which doesn't have that downside is to use eCryptfs instead of LUKS. It stores each encrypted file separately (with an encrypted name) and thus doesn't hide the directory structure or file sizes - only directory and file names and file contents are encrypted. It also appears to have not been updated since 2016, but, it is still included in various distributions so it is also an option. You can read about how to use it (and other caveats about it) on the arch wiki.