Data encryption with SiriKali
Hardened Choice
SiriKali encrypts files and directories with just a few mouse clicks, without the inefficiency of fixed-size containers.
Many Linux users are wary of encrypting their data – primarily because most of the available tools don't offer a graphical user interface, and also – but less often – because of a perceived lack of flexibility in handling encrypted data files. But in the modern era, when high-capacity USB media are easy to find, encryption is becoming more important. Tools such as TrueCrypt or its successor VeraCrypt have a graphical user interface but create containers of a fixed size, without the flexibility to deal with growing volumes. If you store only a few files, you are wasting storage space with a big container. On the other hand, if you create a container that is too small, running out of space will mean a time-consuming overhaul.
SiriKali [1] is an encryption tool that avoids fixed sizes for containers. By encrypting at the directory and file level, you only use as much storage space as the data actually takes up. SiriKali relies on various encryption back ends, with support for fscrypt, SecureFS, eCryptFS, CryFS, EncFS, gocryptfs, and SSHFS. (If you're considering EncFS, keep in mind that security vulnerabilities were discovered in an audit in 2014.)
In SiriKali, you deploy encrypted filesystems in user space – with the help of the FUSE kernel module, which means that you can work with the tools without needing admin privileges. SiriKali recognizes the back ends installed in the system and lets you use them without having to enter any parameters.
[...]
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
US / Canada
UK / Australia