PupVault v8 - a luks encrypted file store
Posted: Sun 07 Apr 2019, 16:45
PupVault works a bit like a physical vault.
Once you've set it up, if you want access to any of the files inside you "Open" it,
and after you "Close" it, you can't access what is inside or even see what is inside.
The "combination" to this PupVault is a password which you define when you "Create" it.
Without this password the contents of the PupVault are inaccessible, all you can do is delete the PupVault file.
So, don't forget the password.
Guessing the password is also the easiest way for "attackers" to gain access to the PupVault.
So the password needs to be difficult to guess.
A PupVault is a file, just like a luks encrypted savefile.
So, it can be stored any where, on any filesystem.
When you "Create" a PupVault file, you need to specify the size of the file in MiB.
The minimum size is 4MiB, but with this size there is only a little less than 1MiB of available space inside.
So I suggest that, once you have worked out which files you want to keep secret and how much space they require,
you create a trial PupVault to see if your files will easily fit inside.
Also when you "Create" a PupVault file, you will be asked for a "name", the default being 'vault'.
Whatever "name" you choose, '_luks.4fs' will be appended to produce the filename of the PupVault file,
so the default filename is 'vault_luks.4fs'.
Prerequisites:
1. A working "cryptsetup" utility to do the luks stuff.
2. Bionicpup32, Bionicpup64 or similar woof-ce vintage Puppy.
PupVault v8 is released as a ydrv...sfs for these Puppies because it makes use of the enhanced luks support contained within "ydrv_pupvault_8.sfs".
These luks enhancements replace some existing woof-ce files that have significantly changed over recent months, the replacements won't work properly in older Puppies.
Usage:
1. Download the "ydrv_pupvault_8.sfs" file, move it into the frugal install directory of a suitable Puppy,
rename it to the appropriate ydrv filename for that Puppy, and reboot.
2. "PupVault - encrypted file store" should be available in the "Filesystem" menu beside "Pmount".
3. Run "PupVault" and "Create" a PupVault file.
4. "Open" the PupVault file, which opens a filemanager window at the mountpoint.
5. copy/move some "secret" files into the opened directory.
6. "Close" the PupVault file, which closes the filemanager window opened in 4.
Notes:
1. The default PupVault file is "$HOME/vault_luks.4fs", usually '/root/vault_luks.4fs'.
2. The default mountpoint is '/mnt/vault'
Why do this when Puppy already has luks encrypted savefiles available?
1. Savefiles contain a lot of files that are Puppy files and hence easily available in the public domain.
What's the point of encrypting these files? Remember that any software installed via a ".pet" is in there.
2. Some Puppy users prefer to use a savefolder rather than a savefile, but would still like to encrypt some of their files.
3. A PupVault file can be stored any where in the mounted filesystem, so it can be stored outside the save mechanism and hence be shared between many Puppies.
gyro
Once you've set it up, if you want access to any of the files inside you "Open" it,
and after you "Close" it, you can't access what is inside or even see what is inside.
The "combination" to this PupVault is a password which you define when you "Create" it.
Without this password the contents of the PupVault are inaccessible, all you can do is delete the PupVault file.
So, don't forget the password.
Guessing the password is also the easiest way for "attackers" to gain access to the PupVault.
So the password needs to be difficult to guess.
A PupVault is a file, just like a luks encrypted savefile.
So, it can be stored any where, on any filesystem.
When you "Create" a PupVault file, you need to specify the size of the file in MiB.
The minimum size is 4MiB, but with this size there is only a little less than 1MiB of available space inside.
So I suggest that, once you have worked out which files you want to keep secret and how much space they require,
you create a trial PupVault to see if your files will easily fit inside.
Also when you "Create" a PupVault file, you will be asked for a "name", the default being 'vault'.
Whatever "name" you choose, '_luks.4fs' will be appended to produce the filename of the PupVault file,
so the default filename is 'vault_luks.4fs'.
Prerequisites:
1. A working "cryptsetup" utility to do the luks stuff.
2. Bionicpup32, Bionicpup64 or similar woof-ce vintage Puppy.
PupVault v8 is released as a ydrv...sfs for these Puppies because it makes use of the enhanced luks support contained within "ydrv_pupvault_8.sfs".
These luks enhancements replace some existing woof-ce files that have significantly changed over recent months, the replacements won't work properly in older Puppies.
Usage:
1. Download the "ydrv_pupvault_8.sfs" file, move it into the frugal install directory of a suitable Puppy,
rename it to the appropriate ydrv filename for that Puppy, and reboot.
2. "PupVault - encrypted file store" should be available in the "Filesystem" menu beside "Pmount".
3. Run "PupVault" and "Create" a PupVault file.
4. "Open" the PupVault file, which opens a filemanager window at the mountpoint.
5. copy/move some "secret" files into the opened directory.
6. "Close" the PupVault file, which closes the filemanager window opened in 4.
Notes:
1. The default PupVault file is "$HOME/vault_luks.4fs", usually '/root/vault_luks.4fs'.
2. The default mountpoint is '/mnt/vault'
Why do this when Puppy already has luks encrypted savefiles available?
1. Savefiles contain a lot of files that are Puppy files and hence easily available in the public domain.
What's the point of encrypting these files? Remember that any software installed via a ".pet" is in there.
2. Some Puppy users prefer to use a savefolder rather than a savefile, but would still like to encrypt some of their files.
3. A PupVault file can be stored any where in the mounted filesystem, so it can be stored outside the save mechanism and hence be shared between many Puppies.
gyro