Score:-1

Ubuntu

Encrypted file/directory to be mounted as drive?

DynV

5/7/24, 6:34 PM

I need something--portable--to be mounted as drive to show its encrypted content. I've been loaned an Ubuntu 22.04 Desktop system for some weeks as I'm not home and I'd like to save file in a manner which make it so when I hand it back, it won't be accessed easily if "undeleted". I'd like that while I'm using the system for the content to be easily saved in that fashion, which mounting it as a drive seem the easiest way. As I'm about to hand the system back, I'd like the file or directory containing my encrypted content to be saved on a USB stick then deleted from the system. Hopefully the USB stick newly added content can be decrypted on my system, thus not needing separate encryption, which its OS is Windows 10; if needed I can install a VM on it to run Ubuntu to do the decrypting copy (from USB stick).

One might think I can leave my stick in and save the content unencrypted but

it's hidden and I'd prefer to only take it out as I'm about to leave and
I sometimes share that stick (not to the ones I'm currently seeing) and I'd rather not the content I'm soon to saved to be "undeleted" then easily accessed.

For my current need I don't need strong encryption, just not something super-easy to decrypt (ie point the encrypted file/directory to a program and < 1 hr with an average system one can read its content). If such thing as a 1 to 10 encryption scale can be made/imagined, I'd like something ~3/10.

Would you kindly point me to something that could accomplish my goal (in 1st paragraph) ?

Thank you

1 + 0

encryption

Score:1

Ubuntu

Nmath

5/7/24, 6:51 PM

Veracrypt creates a virtual encrypted disk within a file and mounts it as a real disk.

This sounds like exactly what you're describing.

Beware that even with this option, there are ways that encrypted data can leak to other unencrypted parts of your system.

For example, even if you keep a document inside of the encrypted container, you might open that document in an application that automatically saves backups of documents in an unencrypted location. If that happens, copies of your document could still exist in an unencrypted location.

+ 11

DynV

5/8/24, 4:15 PM

Would you kindly let me know what kind of encryption I should use considering the paragraph mentioning "just not something super-easy to decrypt" ?

Nmath

5/8/24, 4:19 PM

It really doesn't matter what algorithm you choose. Veracrypt doesn't use any that are known to be compromised. What's important is that you choose a good passphrase that can't be brute forced.

Nmath

5/8/24, 8:54 PM

I'm not sure I understand what you're asking. When you mount a veracrypt volume, it becomes mounted on your system like any other volume. There is going to be overhead for any encryption algorithm you are using. But beyond that, the only thing that takes any time is to open the application, select your container, enter your credentials, and wait a moment for the application to mount the volume.

DynV

5/9/24, 12:41 AM

Which has the lowest/smallest overhead that is "not something super-easy to decrypt"?

Nmath

5/9/24, 1:57 AM

It depends on several factors like what hardware you have. That's going to be something you're going to want to research separately if that is a concern of yours. I will stress again that the only reason that would make it "super-easy to decrypt" is if you make poor choices with your credentials. For example, if you choose the password `qwer1234!` it will be very easy to brute force.

DynV

5/14/24, 7:51 PM

I had a lot of difficulty removing the encrypted content from the system after I finally was able to, seemingly with sheer luck, there's still a drive that was created by Veracrypt which remains (but won't mount). Also after I rebooted I was able to mount the encrypted file without providing the password from the encryption, I simply double-clicked the drive created by Veracrypt. Even with these difficulties I'd rate the program 7/10 but if I would have been forced to hand back the system quickly, it would have been a serious issue. Could you help with removing the Veracrypt drive?

Nmath

5/14/24, 7:53 PM

If you didn't encrypt an entire physical disk then it's just a file. Delete it exactly however you'd delete any other file. If you encrypted an entire disk, format the disk.

DynV

5/14/24, 11:46 PM

I unmounted the drive then moved the encrypted file to the external drive (I don't know if Ubuntu works like Windows but with the latter it's harder to undelete moved files) then remounted it then not only would the files be listed, I could open them.

Nmath

5/15/24, 12:28 AM

I'm a bit confused about what you're asking. The data is encrypted "at rest" on the disk. In order for someone to mount the file system and access the data they need to have the credentials you need to mount. This is why it's important to pick credentials that are very difficult to guess. The encryption algorithms have no known vulnerabilities that would let someone decrypt without those credentials. If you're asking why you can see the files when it's mounted, this is like asking how someone could drive away with your car if you leave it unlocked and running with the keys inside.

DynV

5/15/24, 4:14 AM

Perhaps the steps weren't clear (1) unmounting (2) moving the encrypted file (3) since the drive was still shown in the task bar I attempted to remount it by double-clicking it; and #3 was successful. **Before** #3 the encrypted file created by Veracrypt was no more on the system.

Nmath

5/15/24, 6:14 AM

You're describing what would be a massive security flaw in the application. If you've really found a way to decrypt a veracrypt volume without authentication, that's a really big deal and the developers will want to know about it. I am very surprised if it's possible to do so, especially by accident. In any case, if you're sure that's what you've found, I recommend filing a bug report with the developers so they can investigate and fix the problem

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Encrypted file/directory to be mounted as drive?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.