i had this idea that a program can edit files in an encrypted environment. WinRaR with higher level of encryption would be the best way to describe it. but i was wonder if the files on a linux HDD or SDD are encrypted.

I do have this idea that you can save encrypted files to a cloud server and pull it out and unencrypted by a light weight program

  • DrDystopia@lemy.lol
    4·
    19 hours ago

    I do have this idea that you can save encrypted files to a cloud server and pull it out and unencrypted by a light weight program

    Sounds like Cryptomator would work for you.

  • FauxLiving@lemmy.world
    5·
    22 hours ago

    It sounds like you’re trying to make something like: https://github.com/cryptomator/cryptomator

    It takes the files that you want to store in the cloud and encrypts them into a bunch of individual files (like encrypted archives) and uploads them to the server. When you access the files it automatically pulls down the archives that contain the files that you want.

    You just see a regular directory that’s being synced with the cloud, but the cloud service provider only sees you uploading a bunch of encrypted files with nonsense filenames.

  • solrize@lemmy.ml
    6·
    1 day ago

    There is dmcrypt that basically does what you want. IDK if the implementation is in kernel space though. It works through /dev/mapper if that matters.

    • PixelPilgrimOPEnglish
      3·
      1 day ago

      I’m too high to understand encrypt but it sounds close to what I want. I’ll have to research it later

      • solrize@lemmy.ml
        2·
        1 day ago

        Look up docs for cryptsetup which is the simplest way to use it. The Debian installer (and maybe others) can set it up for you automatically as well.

  • floquant@lemmy.dbzer0.com
    31·
    23 hours ago

    Storing files encrypted and decrypting them on-demand is called “encryption at rest”. Linux supports it but is not enabled by default. You can also encrypt /boot to get FDE (Full Disk Encryption) to ensure that the kernel or bootloader is not tampered with. Look into LUKS

    • hades@feddit.uk
      4·
      22 hours ago

      This is not entirely correct. Many distributions do enable encryption by default. Also, encrypting the /boot partition does not guarantee the integrity of the boot sequence, you need to enable and correctly configure Secure Boot for that.

    • mvirts@lemmy.world
      1·
      18 hours ago

      Agreed it sounds like op wants luks. Dare I say if you want bitlocker for Linux, it’s luks.