<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On 27 April 2014 07:51, James Knott <span dir="ltr"><<a href="mailto:james.knott-bJEeYj9oJeDQT0dZR+AlfA@public.gmane.org" target="_blank">james.knott-bJEeYj9oJeDQT0dZR+AlfA@public.gmane.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="">Walter Dnes wrote:<br>
> So now the worry is not losing the USB key. Is there some form of<br>
> transparent on-the-fly encryption available that would allow me to read<br>
> *AND WRTE TO* the USB key? This is in case I lose the USB key. I'd be<br>
> looking at encrypting the entire "/dev/sdb1" USB key partition.<br>
<br>
</div>When you format a partition, there's always an option to encrypt it, but<br>
I haven't tried that.<br></blockquote><div><br> <br></div><div>The default encryption for Linux is LUKS. I used that not only for /home/ on my desktop, but also for my removable backup drives. Ubuntu 12.04 with LXDE recognizes the encrypted partitions when they're connected by USB and asks for a password to automount them, so this should work fine for what you're looking at. I'm no longer using automount - mostly because I switched to Openbox, but partly because I'm told automount is totally pooched in the newer Ubuntu and Debian installs - I've confirmed with a recent Jessie install. I use pmount and have been fairly happy with it. A couple friends are trying out udevil.<br>
<br></div><div>Here are the steps I use to encrypt a partition for use (partition can be unformatted, it will be wiped):<br></div><div><br> # cryptsetup --verify-passphrase --key-size 256 luksFormat /dev/sdb1<br> # cryptsetup luksOpen /dev/sdb1 VolumeLabel<br>
# mke2fs -j -L VolumeLabel -m 2 -t ext4 /dev/mapper/VolumeLabel<br></div></div><br></div><div class="gmail_extra">Not an explanation, but should give you pointers for where to look. As with any destructive disk operation, you're pointing a loaded gun: be careful.<br>
<br></div><div class="gmail_extra">If anyone who knows this process better than me ("I am not an expert," etc.) wants to point out errors in my method, please do: I'd like improve it if possible.<br></div><div class="gmail_extra">
<br>-- <br>Giles<br><a href="http://www.gilesorr.com/">http://www.gilesorr.com/</a><br><a href="mailto:gilesorr-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org">gilesorr-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org</a>
</div></div>