Encrypting files and drives

Reading Exercise

To work with the encrypted container, as with a conventional drive, you must mount it manually on the system. Although Linux recognizes the drive, without the appropriate key file, it gives you no access to the container. Thus, you must once again call zuluCrypt and use the open | encrypted container in a partition menu to select the desired partition. To allow this to happen, the software displays a list of all recognized drives on the system along with their filesystems; encrypted containers always have an entry of crypto_LUKS in the type column (Figure 3).

Figure 3: ZuluCrypt shows in a list of all drives for mounting containers.

When you double-click a container, zuluCrypt mounts it as a new folder; the drive name is used as the folder name in your home directory. You can now work with the container like any conventional directory.

To correctly unmount the container after completing all your work, go to the zuluCrypt zC menu and select close all opened volumes. The tool now umounts the encrypted container, so you cannot see its contents without remounting via zuluCrypt.

Encrypting Files

If you do not want to create a whole container but want simply to protect individual files from prying eyes, then you can encrypt them individually in zuluCrypt using the zC | encrypt a file option. After you select this option, zuluCrypt will require the name of the file to be encrypted and a corresponding key. You can either re-enter a key manually or import it from a keyfile.

Then, zuluCrypt encrypts the file in question and stores it under the same file name, but with the suffix of .zc added, below your home directory. You can change both the filename and the target directory in the encryption dialog to suit your needs (Figure 4). Please make sure that the original file name does not contain any spaces, because zuluCrypt will refuse to encrypt in this case.

Figure 4: ZuluCrypt safeguards individual files from prying eyes.

To decrypt an encrypted file, select the program option zC | decrypt a file. Using the same clear-cut dialog that you saw when encrypting, you can now decrypt the desired file. This is quite a fast process: In the lab, zuluCrypt required only a few seconds to decrypt a file of around 100MB.

Container in a File

To protect smaller data sets, you can – as an alternative to encrypting a complete drive – use zuluCrypt to create container files that do not occupy the entire volume. Apart from this, these containers do not differ in terms of use from their larger siblings. You can create such a container by selecting create | encrypted container in a file; then enter the required data in a same dialog as for creating an encrypted partition. The only difference is that you must define the size of container file in addition to the filesystem to be used.

If you use multiple encrypted disks and containers simultaneously, zuluCrypt shows them all in its list window. This feature allows you to quickly switch between different content and close all open containers in one fell swoop when you shut down your system. The menu item zC | close all opened volumes (Figure 5) handles this process.

Figure 5: ZuluCrypt allows the simultaneous use of encrypted containers.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Disk Encryption

    Encrypted volumes have long since ceased to be an exception or luxury. Corporate policies and compliance rules often demand encryption for critical data. This article looks at tools for disk encryption on Linux.

  • Mofo Linux

    Mofo Linux enables secure digital communications, even in places where it is politically or ideologically unwelcome.

  • VeraCrypt

    Protect your data and operating system from prying eyes with VeraCrypt.

  • VeraCrypt

    The VeraCrypt encryption software comes with a handy graphical interface, and the ability to hide a container in an encrypted volume adds a unique professional feature: plausibly deniable encryption.

  • Encrypting Block Devices

    The recent revelations about NSA spying have sparked renewed interest in data encryption. Encrypting at the file level is quick and easy, but if you're looking for an extra dose of protection, try encrypting the whole block device.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More