CCF Archive Site

I just tried p and it didn't unlock the volume.

First off, good for you. So everything still works. Secondly, it seems like this started with a specific distro but it cascaded into all the others as a knee jerk reaction. In the end it seems like some sloppy programming and bad assumptions led to the problem but I'd think it's nothing that can't be fixed. At least that's my gut feeling.

You can Goggle it if you really care but it goes on and on. To me it seems like people have abandoned it and moved on. I'm surprised they don't fix it but I'm not an expert in the field and maybe better options exist?

Ok guys. I'm not embracing Cryptkeeper as a tech religion icon or anything. I looked for lightweight file encryption system that would not bog down my PC and which did not have a single point of failure (like an all in one archive) and also one that would not make my system unstable (Veracrypt kept crashing my Mint box.)

I do see their f*ckup with the universal password:

https://www.bleepingcomputer.com/news/security/epic-fail-linux-encryption-app-cryptkeeper-has-universal-password-p/

I simply wanted encryption of certain files such that a grab-and-go thief who got hold of my hard drive would be very unlikely to be able to get into certain files.

In fact, even if the universal password IS "p", how likely is it a thief will known Linux, etc?

The system in question is never exposed to the internet at the command line.

I grabbed Cryptkeeper off of the package repository for Linux Mint. I didn't get it anywhere obscure. I wanted something lightweight, stable and reliable.

Cryptkeeper is just that.

Simple as all that.

As to Gorn's point about Cryptkeeper and VeraCrypt, they work and do the advertised job.

I guess VeraCrypt is more stable on Windows than Linux but I bet people still use Truecrypt as well. And with Cryptkeeper, the bug first showed up after some update. I'm guessing that as long as you stay behind that point then it's still a secure tool to use.

And as he stated, the purpose is to stop an opportunistic thief not some government or large agency.

Funny how I think VC under Windows is easy to use but I'm not some power user and certainly not encrypting an entire drive.

I've run Truecrypt on Windows and Linux and Veracrypt on Linux.


The UI for creating volumes and mounting volumes and performing utility functions is totally the same in both OSs for each utility and Veracrypt looks vera vera vera much like Truecrypt's UI. The volume files are portable between Linux and Windows, IE, one created and used in Windows can be readily opened and at least read in Linux.


There's nothing to even talk about here about program differences that I have experienced for normal usage, it's just so absolutely banal it's mind numbing.


Command line? Again absolutely nothing to discuss, no mystery or ambiguity. Yes there is one and it covers everything you'd do in the UI.


https://www.veracrypt.fr/en/Command%20Line%20Usage.html


I'm not even that good at traditional keep-end-users-running IT and I know these things, Easy to find, easy to test, Google is your friend here.

Just one more time, guys - the ultimate reason I got driven off of Veracrypt is because using it crashed my Mint Linux box - powered down and shutdown with no warning - almost every time I mounted a file-volume with it and started to work with it, even just reading it. On Linux I find Veracrypt to be an unstable P.O.S.

The crashes stopped when I stopped working with it, and indeed I have used Memtest86+ and tested my current memory overnight w/ no errors detected.

Your mileage may vary.

Well, with that said, I'm surprised there isn't a well established procedure to do just that under Linux / Unix. I remember years ago processing data files from several partners at an insurance gig where everything was encrypted. If I recall this step was usually handled by the DBA but it worked seamlessly.

Why are we talking about which tool to use today? Why isn't this a no-brainer?

I know you're not judging me.

I'm just incredibly cranky and I take offense at anything anyone says. It's my thing, my purpose.   

A BIT more seriously - this "simple tools" discussion just seemed to spiral aimlessly a bit and I wasn't clear what the lack of mutual understanding really was about. 

For example, it was alluded no command line on Veracrypt. Whaaa? EVERTHING on Linux has a command line even if it has a GUI.

I was simply driving a stake in the ground - this is A, you find out B, C and D are cool, I use A because E and F.

I guess I would circle back to the ultimate question, again.

Why would you WANT to encrypt your ENTIRE drive?

It is much better to think of high level goals. What are you trying to accomplish?

Hide personal files? Don't need whole drive and boot loader encryptions.

The one time I used Windows' approved encryption on my hard drive, I almost couldn't restore the backup copy of the drive. I wrote about that here extensively at the time (2013.)