Gocrypt
Jump to navigation
Jump to search
User space tipo virtuali fuse pagrindu sukurta failu sistema skirta failu sifravimui. Naudojamas sifras AES256-GCM arba AES256-SIV. Panaudojimas labai paprastas, vaultai kuriami direktorijose, nereikia formatuoti ar kitaip paruosti disku ar ju particiju, galima naudoji jau esamoje failu sistemoje. Multiplatformis veikia Windows (cppcryptfs) Linux ir MacOS.
MacOS
- Sudiegiam MacFuse brew install --cask
- Sudiegiam go
- Atsiunciam source
- Sukompiliuojam
Idedam i ~/.zshrc
export PATH="${PATH}:/usr/local/go/bin:${HOME}/go/bin"
Buildinam
./build-without-openssl.bash
Mount scriptas, skirtas uzmountinti encryptinta volume is SMB. Pirma karta uzmountina, antra karta jeigu path'ai jau yra primontuoti, unmountina.
#!/bin/bash
LOCAL_PATH=$HOME/data
REMOTE_PATH="//admin:admin@server.lan/secret/data"
if ! [[ -d $LOCAL_PATH/.tmp ]]; then
mkdir -p $LOCAL_PATH/.tmp
fi
if ! [[ -d $LOCAL_PATH/Private ]]; then
mkdir -p $LOCAL_PATH/Private
fi
if ! [[ -e $LOCAL_PATH/.pswd ]]; then
echo "Create file $LOCAL_PATH/.pswd with your encrypted vault password"
fi
mounted=0
if ! [[ -e $LOCAL_PATH/.tmp/gocryptfs.conf ]]; then
mount_smbfs $REMOTE_PATH $LOCAL_PATH/.tmp
else
echo "SMB is already mounted"
mounted=$((mounted+1))
fi
if ! [[ -e $LOCAL_PATH/Private/.mounted ]]; then
gocryptfs -passfile $LOCAL_PATH/.pswd $LOCAL_PATH/.tmp $LOCAL_PATH/Private
else
echo "Cryptfs is already mounted"
mounted=$((mounted+1))
fi
if [[ $mounted == 2 ]]; then
echo "All filesystems are mounted, unmounting..."
umount $LOCAL_PATH/Private
umount $LOCAL_PATH/.tmp
fi