Inter-operable encrypted file-system with GNU/Linux

Xylon

New Member


Messages: 2

#1
Hi all.

I'm wanting to migrate some or all of my computers to FreeBSD to learn about this fascinating OS.

My servers are already done, but before I try a laptop, I am trying to work out how is the best way to have an encrypted flash-drive that's inter-operable between FreeBSD and GNU/Linux (FreeBSD 11.1 -- Debian 9)

What options do I have?

Thanks for any advice,
Joseph
 

ralphbsz

Daemon

Thanks: 769
Messages: 1,299

#2
TrueCrypt exists for both Linux and FreeBSD. I have never tried it on either. And I don't know for a fact that they would be interoperable. But it would be a starting point. Since TrueCrypt is not a file system, but an encrypted block device, you would have to them put a file system onto it that's compatible. Since suggesting FAT and friends is insane: You could try ZFS (supposedly ZFS is on-disk-format compatible between FreeBSD and Linux), or use ext2 and the FreeBSD tools for it.

Completely different suggestion: Find a server somewhere. Move the data to the server. Then export the data using NFS (or Samba or whatever file system protocol du jour you enjoy). Thereby reducing it to a problem previously ... screwed up by someone else (that's an in-joke I use for cases where you don't want to deal with something, and use a crappy solution which is better than having to do the right thing yourself).
 

k.jacker

Aspiring Daemon

Thanks: 286
Messages: 523

#4
If you just want to move some files here and there, I'd create a fat filesystem on a flash drive and then...
tar -cf - my_file important_folder | openssl enc -aes256 -out /mnt/encrypted_data_file (Idon't run any Linux but it's /media/something I think. You know it I'm sure)
You'll get asked to type a password and confirm.. Done...

Don't decrypt and untar on the fat filesystem or you will ruin file permissions...
openssl enc -d -aes256 -in /mnt/encrypted_data_file -out /tmp/my_data.tar
Now you can just untar your data on your FreeBSD laptop from /tmp/ to the desired destinations...
openssl(1)
enc(1)
 

ShelLuser

Son of Beastie

Thanks: 1,590
Messages: 3,450

#5
In addition to what k.jacker said: why not simply create an encrypted filesystem image on the flash drive? Both Linux and FreeBSD support mounting such images, the only thing you'd need is a mutually understood filesystem. Probably ext2 or ext3, while the flash drive itself can remain on what it already is (probably FAT32 or a variant thereof?).

The advantage here would be that an unwanted 3rd party would only discover a blob; a meaningless file. So without knowing that it's an encrypted filesystem the file itself would be pretty meaningless.
 
Top