Hi
I store files on external drive, both sensetive and regular one (like wallpapers etc).
So i think what should I use for that? Go with LUKS? VeraCrypt? Cryptomator? Or stick with my current one - PicoCrypt?
I need only linux support, but i try to maximize security…
These are all great options. Go with the one you like best and is easy to use. Follow PG suggestions when in doubt.
LUKS is my recommendation.
I’m a bit opinionated on this, but if you only intend to access the encrypted disks on Linux, use LUKS.
It’s a bit more convenient to do so. For one, you don’t need to have the Veracrypt daemon running to manage your encrypted disks. For two, if you also implement root filesystem encryption, you can have your disks automatically unlock at boot using a keyfile (see here as well for secure keyfile creation)
If the idea of losing a keyfile scares you, worry not, as you can configure LUKS to accept either a keyfile or a password. As far as I’ve seen (and tried with my Veracrypt-encrypted disk), this flexibility can’t be had with Veracrypt. You’d need a keyfile and a password
In any case, this approach is what I use on my desktop. It’s quite convenient; you only need to remember the password for your root filesystem. If you can’t access that for whatever reason, and thus can’t access your keyfile, you can fallback to using a password for it
Cryptomator has certainly rendered the process so straightforward that I often find myself questioning whether I’ve executed it correctly.