The way it is done in DiskCryptor.
Dm-crypt doesn't provide such functionality,
nor any other tool that I am aware of.
Why is that?
Define "on-the-fly" as you are using it here. All disk encryption systems are on-the-fly by the standard usage, because when you write a file to the disk, it is encrypted at write, and when you access it again, it is decrypted automatically for you. An example of a not on-the-fly approach is a file ciphered in GPG. You have to decrypt the data to an unencrypted file before reading, and if you change the file, you have to re-encrypt it again manually, deleting your cleartext copy, and overwriting the original ciphered file if you want it to be updated. – Frank Thomas Apr 25 '14 at 23:01
1 Answer
Because there is explicit open-source support for setting up full-disk encryption during the install process in some distributions, such as Debian and Ubuntu. Since it's open source, it can be audited by security experts and/or those concerned (not sure if anyone has done that for the dm-crypt code though).
Windows offers a comparable feature called BitLocker, but no one can check that code out besides Microsoft to determine if there are any backdoors, etc. TrueCrypt is most useful on Windows as a result, and it makes sense that its use on Linux would be mostly to read existing (likely Windows) volumes or create new volumes you might later use for a Windows install.
If you install unencrypted and later change your mind, it's a bit of work but not impossible to convert it to an encrypted installation on Linux.