Good day everyone,
I have found myself with an extra 100GB ssd for my home pc, which I want to use as a “sensitive data” storage. Now I am considering my options in the question of making things right.
I am looking for something, that will be password secure and not bound to windows or linux (I do understand that both OS’ have their own 700 ways of limiting access to a file record).
Which makes me look in the direction of 3rd party apps. Non-bound to the OS and %currentuser% creds. Something that works well with both Windows and Linux.
Not sure if free solutions are something worth of trust, but if so, they would be the priority.
Thanks in advance for any suggestions.
Also, I remember there was some discussion about secure usb drives. Could someone remind me what that thing is?
Why not encrypt the files or the entire filesystem? There are self-encrypting drives (SED) for NVMe that offer this out of the box. Pretty much any OS has software to do just that.
How do they operate? File can be read by any OS, which has connection to the drive?
If you get encryption software, that same software is used to decrypt everything, either by passphrase or other authentication means.
Filesystem encryption can be done with many Linux filesystems and needs to be unlocked at boot and remains unlocked until powered-off. LUKS encryption or using ZFS native encryption is how you do this, but are non-Windows forms of encryption unless you can share the unlocked drive with a Windows host.
SED do this at the hardware controller level. So you need to enter the password to unlock. But if you have a SED with TCG Opal 2.0 specs, pretty much any OS can unlock this.
Or get proprietary external drives with encryption. WD myPassport can encrypt but you need their software to unlock which is only available on Windows and support might cease tomorrow. So be careful with those products.
VeraCrypt is one free solution that you can use for that purpose. Probably best to Format the Drive exfat and not ntfs. NTFS does Work on Linux as well. But exfat Just works on every os without installing anything.
It allows you to either encrypt the entier disk or have a big fat File that you can mount as a Disk.
1 Like
Thanks. I am on the path of “mypassword” to be honest - want something, that will be unlocked for separate instances of time just to read/write to keep that sensitive data out of possible “remote access from an attacker”.
Thank you. VeraCrypt was what I was looking for
1 Like