18
does Linux have kernel level cryptographic encryption (lemmings.world)
submitted 2 days ago by PixelPilgrim@lemmings.world to c/linux@lemmy.ml
9 comments fedilink hide all child comments

i had this idea that a program can edit files in an encrypted environment. WinRaR with higher level of encryption would be the best way to describe it. but i was wonder if the files on a linux HDD or SDD are encrypted.

I do have this idea that you can save encrypted files to a cloud server and pull it out and unencrypted by a light weight program

top 9 comments
sorted by: hot top controversial new old
[-] DrDystopia@lemy.lol 4 points 2 days ago

I do have this idea that you can save encrypted files to a cloud server and pull it out and unencrypted by a light weight program

Sounds like Cryptomator would work for you.

[-] FauxLiving@lemmy.world 5 points 2 days ago

It sounds like you're trying to make something like: https://github.com/cryptomator/cryptomator

It takes the files that you want to store in the cloud and encrypts them into a bunch of individual files (like encrypted archives) and uploads them to the server. When you access the files it automatically pulls down the archives that contain the files that you want.

You just see a regular directory that's being synced with the cloud, but the cloud service provider only sees you uploading a bunch of encrypted files with nonsense filenames.

[-] solrize@lemmy.ml 6 points 2 days ago

There is dmcrypt that basically does what you want. IDK if the implementation is in kernel space though. It works through /dev/mapper if that matters.

[-] PixelPilgrim@lemmings.world 3 points 2 days ago

I'm too high to understand encrypt but it sounds close to what I want. I'll have to research it later

[-] solrize@lemmy.ml 2 points 2 days ago

Look up docs for cryptsetup which is the simplest way to use it. The Debian installer (and maybe others) can set it up for you automatically as well.

[-] prole@lemmy.blahaj.zone 2 points 2 days ago

KDE has built in "vaults" now that sound maybe like what you're looking for.

[-] floquant@lemmy.dbzer0.com 2 points 2 days ago

Storing files encrypted and decrypting them on-demand is called "encryption at rest". Linux supports it but is not enabled by default. You can also encrypt /boot to get FDE (Full Disk Encryption) to ensure that the kernel or bootloader is not tampered with. Look into LUKS

[-] hades@feddit.uk 4 points 2 days ago

This is not entirely correct. Many distributions do enable encryption by default. Also, encrypting the /boot partition does not guarantee the integrity of the boot sequence, you need to enable and correctly configure Secure Boot for that.

[-] mvirts@lemmy.world 1 points 2 days ago

Agreed it sounds like op wants luks. Dare I say if you want bitlocker for Linux, it's luks.

this post was submitted on 14 Oct 2025
18 points (95.0% liked)

Linux

57274 readers
937 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 6 years ago
MODERATORS
AgreeableLandscape@lemmy.ml
nooter692@lemmy.ml
MarcellusDrum@lemmy.ml
cypherpunks@lemmy.ml
cyclohexane@lemmy.ml
d3Xt3r@lemmy.nz