fscrypt a usb drive?

To: debian-user@lists.debian.org
Subject: fscrypt a usb drive?
From: Pocket <pocket@columbus.rr.com>
Date: Mon, 27 Nov 2023 12:09:34 -0500
Message-id: <[🔎] cd910084-0d1f-4d4a-b273-cc679c87bad0@columbus.rr.com>

I am trying to use fscrypt to encrypt then be able to mount and umount it

Then fscrypt unlock <mountpoint> to access it

I have been unable to do so in that after I mount the drive and setupfscrypy I then have to create another directory under the mount point.


The USB drive was formatted like this:

mkfs.ext4 -O encrypt /dev/sdd1


Here is what I did, logged in as root:

mount /dev/sdd1 /home/fscrypt

fscrypt setup

fscrypt encrypt /home/fscrypt

[ERROR] fscrypt encrypt: Directory "/home/fscrypt" cannot be encryptedbecause it is non-empty.


Ok I get that so.........

rm -r /home/fscrypt/lost+found

Try Again......................

fscrypt encrypt /home/fscrypt

[ERROR] fscrypt encrypt: filesystem /home/fscrypt is not setup for usewith fscrypt

Run "sudo fscrypt setup /home/fscrypt" to use fscrypt on this filesystem.


Alright.........................

fscrypt setup /home/fscrypt/

Allow users other than root to create fscrypt metadata on thisfilesystem? (Seehttps://github.com/google/fscrypt#setting-up-fscrypt-on-a-filesystem)[y/N] Y

Metadata directories created at "/home/fscrypt/.fscrypt", writable byeveryone.

root@scott:/home/fscrypt# fscrypt encrypt /home/fscrypt

[ERROR] fscrypt encrypt: Directory "/home/fscrypt" cannot be encryptedbecause it is non-empty.

Files cannot be encrypted in-place. Instead, encrypt a new directory,copy the

files into it, and securely delete the original directory. For example:

     mkdir "/home/fscrypt.new"
     fscrypt encrypt "/home/fscrypt.new"
     cp -a -T "/home/fscrypt" "/home/fscrypt.new"

find "/home/fscrypt" -type f -print0 | xargs -0 shred -n1--remove=unlink

     rm -rf "/home/fscrypt"
     mv "/home/fscrypt.new" "/home/fscrypt"

Caution: due to the nature of modern storage devices and filesystems, the

original data may still be recoverable from disk. It's much better toencrypt

your files from the start.

ls -hal /home/fscrypt
total 12K
drwxr-xr-x 3 scott scott 4.0K Nov 27 11:52 .
drwxr-xr-x 4 root  root  4.0K Nov 27 11:09 ..
drwxr-xr-x 4 root  root  4.0K Nov 27 11:52 .fscrypt


I am missing something here.........

Is there a way to do this so I have a USB drive encrypted using fscryptthat I can mount the fscrypt unlock it?

Reply to:

Follow-Ups:
- Re: fscrypt a usb drive?
  - From: Max Nikulin <manikulin@gmail.com>

Prev by Date: Re: connect two hosts over wifi without router?
Next by Date: Re: connect two hosts over wifi without router?
Previous by thread: Re: connect two hosts over wifi without router?
Next by thread: Re: fscrypt a usb drive?
Index(es):
- Date
- Thread