OK - here’s the scenario…
My Ubuntu 20.04 laptop has data on there, most of it I couldn’t give a rat’s @rse if someone got it - but - some of it is sensitive, and some of it is possibly “confidential” customer information…
That data gets sync’d across my “infrastructure” using Resilio Sync (e.g. my NAS, my RPi4, 3 x Ubuntu 20.04 machines, my work’s Windows 10 laptop, my iPad Pro 12.9").
What I’d like to do is encrypt two of the three folders I sync (three separate “sync folders” in Resilio - I don’t care about my music folder being encrypted), and it ONLY has to be on one computer - i.e. after the encrypted “stores” are mounted (hopefully automatically, or by a quick and dirty shell script), I fire up Resilio Sync (probably from the same crude shell script) and get them synchronised, but only on that one computer (that I commute with), everything else can store it on “plain Jane” ext2/3/4 exfat/NTFS/bitlocker filesystems, e.g. my Win10 laptop at work has bitlocker or whatever the crap Microsoft call their encryption, and if that gets lost or stolen, hopefully the data will still be secure…
I don’t really care about the computers I keep at home - if someone breaks in and steals one, then data security is the least of my worries…
So - what I wanted to do, was encrypt :
~/ResilioSync/motorforker
(mostly shell scripts, but there are few that reference other files in the same sync folder that contain passwords [like an expect script I use to stay connected to work’s hideous Checkpoint VPN]).
-and-
~/ResilioSync/bigguns
(lotsa images/memes I snag, a bit of eye candy [attractive ladies and motorcycles mostly]), but most importantly, documents I need to do my job that I wouldn’t want nefarious entities to violate…
I used to use TrueCrypt yonks ago, as the same vaults could be opened on Windows or Linux machines, but it looks poorly maintained and probably out of date…
And I spotted an article from our very own “It’s FOSS” - but - it mentioned having to use a PPA - I NEVER use PPAs, avoid them like the plague after being stung by dependancy hell issues after updates et cetera.
AND : here’s the gotcha, I really couldn’t be @rsed re-installing Ubuntu on this laptop and setting it up again from scratch to use the default “encrypt my whole filesystem” - which I REALLY should have done (I used to have this laptop setup that way)… I’ve installed too much, and got it running sweet, and not really too keen on the disruption a re-install would entail… I guess it’s a not huge amount of stuffing around… I could do it on the weekend I suppose… oh well…
It’s just a shame that Ubuntu 18 didn’t / doesn’t support ZFS out of the box like 20.04 does (because of a few dependancies - i.e. Checkpoint SNX VPN client, and Citrix ICA client, which ONLY install on 18.04, I have to install 18.04 first, then upgrade) - 'cause then I could just create an encrypted zvol on my existing ZFS “root” zpool and mount that and be done with it…
Also - if you hadn’t gathered by now, not really asking for a friend, it’s for me!