VeraCrypt is a cross platform encryption solution. It can create encrypted containers to protect your files, or you can encrypt an entire disk partition on a Linux system. VeraCrypt uses the latest encryption standards, so many users place their trust in it. In this tutorial, you will see the step by step instructions to encrypt an entire disk on Ubuntu Linux.
encyption
How to use LUKS with a detached header
Linux Unified Key Setup (LUKS) is the de-facto standard block device encryption format used on Linux-based systems. We already discussed some of the features provided by it in a previous tutorial about using a file as a LUKS device key.
Introduction to crypttab with examples
In a Linux based operating system, the crypttab file (/etc/crypttab), is used to store static information about encrypted block devices which are meant to be set up and unlocked at boot. In this tutorial we learn how it is structured and how to organize data in it.
USB stick encryption using Linux
If you were to ever lose your USB stick, all data stored on it will be lost. More importantly, your USB stick may end up in the hands of some other person, which will have access to your private files, and use that information in any way they please. This is one of many fears of USB stick users. One of the simplest solutions to this dilemma is to keep only non-private information on the USB stick. Obviously, this would defeat a primary purpose for the storage device.
Another solution is to encrypt your USB stick so it will be accessible only to those users who possess the correct password which will fit to decrypt the USB stick’s encryption. This article will deal with the second solution and that is encryption of a USB stick device. Although encrypting an USB stick seems to be the best and easiest solution, it must be said that it also comes with number of disadvantages. The first disadvantage is that decryption of the USB key must be done using a Linux system that has the dm-crypt module installed.
In other words, you cannot use your encrypted USB stick on any Windows machine and UNIX-like system with older kernels. Therefore, to encrypt only a part of the USB stick which holds only private information seems to be a good solution. In this article, we will go through the step by step instructions of encrypting part of a USB device on Linux. Read on to see how it’s done.
In this tutorial you will learn:
- How to install cryptsetup on major Linux distros
- How to partition a USB stick
- How to encrypt a USB stick partition
- How to mount encrypted partition
How to encrypt partition in Linux
One of the best ways to protect your files on a Linux system is to enable hard disk encryption. It’s possible to encrypt an entire hard drive or partition, which will keep every file that resides there safe. Without the correct decryption key, prying eyes will only be able to see cryptic gibberish when they try to read your files.
In this guide, we’ll go over the step by step instructions of using LUKS to encrypt a Linux partition. Regardless of what Linux distro you’re running, these steps should work the same. Follow along with us below to get partition encryption configured on your own system.
In this tutorial you will learn:
- How to install cryptsetup on major Linux distros
- How to create an encrypted partition
- How to mount or unmount encrypted partition
- How to setup disk encryption during Linux install
How to configure, mount, and access encrypted partition on Linux
How to generate and backup a gpg keypair on Linux
Gnu Privacy Guard (gpg) is the Gnu project free and open source implementation of the OpenGPG standard. The gpg encryption system is called “asymmetric” and it is based on public key encryption: we encrypt a document with the public key of a recipient which will be the only one able to decrypt it, since it owns the private key associated with it. Gpg allows us also to sign documents using our private key and let others verify such signature with our public key. In this tutorial we will see how to generate and create a backup of a gpg keypair.
In this tutorial you will learn:
- How to install gpg
- How to generate a gpg keypair
- How to list our keys
- How to create a backup/export a gpg keypair and trustdb
How to keep files and directories synchronized across different devices using syncthing on Linux
Syncthing is defined as a continuous file synchronization program: it can be used to keep files and directories synchronized across different devices or “nodes”. The application uses TLS as encryption method, and it is, together with its protocol, free and open source software. When using Syncthing, our data remains on our device, and is transferred directly to the destination without relaying on a central server (peer to peer). In this tutorial we will see how to install, configure and use Syncthing on Linux.
In this tutorial you will learn:
- How to install Syncthing on the most used Linux distributions
- How to setup the firewall for Syncthing to work correctly
- How to share and keep a directory synchronized across two devices
- How to austostart the Syncthing daemon automatically on user login
How to install Debian on an existing LUKS container
LUKS (Linux Unified Key Setup) is the de-facto standard encryption method used on Linux-based systems. While the Debian installer is perfectly capable of creating a LUKS container, it lacks the ability to recognize and therefore re-use an already existing one. In this article we see how we can workaround this problem using the “DVD1” installer, and running it in “advanced” mode.
In this tutorial you will learn:
- How to install Debian in “advanced-mode”
- How to load the installer additional modules needed to unlock an existing LUKS device
- How to perform the installation on an existing LUKS container
- How to add an entry in the crypttab file of the newly installed system and regenerate its initramfs
Best compression tool on Linux
There’s no shortage of compression tools available for Linux systems. Having so many choices is ultimately a good thing, but it can also be confusing and make it more difficult to select a compression method to use on your own files. To complicate things further, there is no objectively best tool for every user or system, and we’ll explain why.
When it comes to compression, there are two benchmarks that we need to be concerned with. One is how much space is saved, and the other is how fast the compression process takes place. Another thing to take into consideration is how widespread a certain compression tool is. For example, it’d be much more appropriate to package files into a .zip archive instead of .tar.gz if you know that the archive will need to be opened on a Windows system. Conversely, a .tar.gz archive makes more sense on Linux, since tar files save file permissions.
In this guide, we’ll be looking at a variety of compression tools that are available on the most popular Linux distributions. We’ll compare their compression ratio, speed, and other features. By the end of this guide, you’ll be armed with enough information to choose the best compression tool for any given scenario.
In this tutorial you will learn:
- Benchmark results of various compression utilities
- How to conduct your own tests to measure compression ratio and speed
- Picking a compression utility based on compatibility
How to create compressed encrypted archives with tar and gpg
There are many reasons why you may want to create compressed encrypted file archives. You may want to create an encrypted backup of your personal files. Another possible scenario is that you may want to privately share content with a friend or colleague over the web or through cloud storage. Tar.gz files, or compressed tarballs, are created using the tar command. These tarballs are pretty much the standard go-to format for archives on GNU/Linux, however they are not encrypted. In the above scenarios that we mentioned it is often desirable to have encryption in order to secure your data. This is where gpg comes in.
Install ARCH Linux on ThinkPad X1 Carbon Gen 7 with encrypted filesystem and UEFI
In this article we will be installing Arch Linux on ThinkPad X1 Carbon Gen 7 Laptop. This tutorial contains installation instructions, basic configuration as well as some post-install tuning of Arch Linux to get you started.
Most of the instructions are Arch Linux installation generic hence with a simple modifications this tutorial can be used for any UEFI system installations. However, some points are specific to ThinkPad X1 Carbon Gen 7 therefore basic Linux Administration skills are required in case you are installing Arch Linux PC/Laptop other then ThinkPad X1 Carbon Gen 7.
This guide will only get you started. If you have some additional tips and tricks on how to improve performance please use the comments below so we can incorporate them into this guide.
Thank you.
After completing this tutorial you will end up with:
- Installed Arch Linux with GNOME desktop
- Encrypted
/directory usingluksencryption - Configured Linux boot loader using
systemd-boot - Created Logical Volumes and partitions to host your
swapand/directory - Configured EFI parition for your
/bootdirectory - Basic System configuration and fine-tuning
- Ability to use wireless to connect to your WiFi from GNOME desktop
- Functioning Bluetooth and Thunderbolt controller
- Ability up upgrade a firmware on your ThinkPad X1 Carbon Gen 7