External drive encryption question

g6d3np81@kbin.social to Linux@lemmy.ml – 43 points –

How should I do it if I want to...

  • Format external SSD to use with linux
  • Full drive encryption
  • Compatible with windows (temporarily)
  • Preferably do it with KDE GUI

Context: A linux noob. I got a new laptop earlier this year and uses it mainly for tinkering/playing with linux, get competent with it before dropping windows completely on my main desktop. There is a lot of stuff I want to move back and forth between those machines during this learning period.

My idea is to use an external SSD which when I'm done with windows, I can still use it to store work files or any sensitive stuff, so it will need encryption.

Saw a reddit thread saying I still need veracrypt, which I'm totally ok with on windows side but I prefer keeping everything simple on linux side (I only know it can be done without any extra package)

Extra question:
I can possibly store all works and sensitive data on encrypt external and leave root drive unencrypted. In that case, which file system should I use on which drive? Does it matter?

Thank you in advance.

22

You are viewing a single comment
View all comments

If you’re only using the external disk for days you could use ntfs with bitlocker and mount that in Linux. When your rest to fully migrate you could then do something Linux only if you wanted.

Yup, if you want Windows compatibility, it's the best. This is what I did. I created the disk in windows, standard NTFS, bitlocker encrypted. It mounts in Linux automatically asking for a passphrase with a popup.

That's what I do on my external drive. Used to use Windows so bitlocker it was with NTFS.

Now on Linux I just use it normally as its recognized without any problem.

I'm sure as hell not gonna erase my data to inplant veracrypt just for the sake of it.

For future drives, veracrypt it is.

I still wouldn’t use Veracrypt on a Linux disk. What about LUKS instead?

Yeah, I was talking about external harddrives and sticks.

I’d still use LUKS. Even on USB keys.

Similar here, my work archive is Windows bitlocker password enabled. There is a linux package on SUSe that supports read write of Ntfs nicely, and GNOME promtps for bitlocker password. Easy Peasy

That, I didn't think of. Still... I will eventually have to do it the linux way, might as well learn and familiarize with it now.

Forgot to mention that it will be quite a while before I can drop windows completely but for sure I'm not upgrading or doing another windows install.

Depending on your specific situation, it could be a solid option to just jump in to whatever distro covers your needs best and just run Windows in a VM. On a current Linux device which previously ran windows, throw this in the terminal:

sudo strings /sys/firmware/acpi/tables/MSDM

and it will source the old Windows product key. You can also just jot down the key by pulling it up in Windows too. But regardless of how it's handled, it makes the VM setup an easier process for sure!