How to encrypt a btrfs subvolume?

encryption btrfs disk-encryption
11,017

Is it possible to encrypt a btrfs subvolume only (no need to be "transparent encryption")?

No, BTRFS does not currently have built-in support for encryption. Today, to encrypt a filesystem (not just a sub-volume) you'd need DM-Crypt/LUKS. See https://btrfs.wiki.kernel.org/index.php/FAQ#Does_btrfs_support_encryption.3F

Share:
11,017

Related videos on Youtube

renyuneyun
Author by

renyuneyun

Updated on September 18, 2022

Comments

  • renyuneyun
    renyuneyun almost 2 years

    I'm looking for information about encryption with btrfs. I have experience with full-disk (LVM actually) encryption, so this time I only need to look at some btrfs specific questions.

    I have found this article on archlinux wiki, and find this method is just the same as the previous encryption way I used (some time ago), except for the fact that they are using btrfs subvolumes instead of LVM.

    For me, I don't want / need a full-partition encryption as the home subvolume(s) is(are) the only place where I'd like to encrypt. (Actually there are more subvolumes under home, but that's another question.)
    However, through my search, I don't find any information about how to encrypt a btrfs subvolume only. The only most relevant thing I find is this mail from the btrfs mailing list, which is an experimental patch which provides transparent(?) encryption of btrfs (subvolume).
    I also couldn't think out of my mind what method can be used to encrypt a subvolume only.

    So, my main question is:

    Is it possible to encrypt a btrfs subvolume only (no need to be "transparent encryption")? If yes, how?

    Side note: Creating an encrypted block (file) and mount it on the "subvolume" is not an acceptable method since it is not a "subvolume" at all.

    • Alessio
      Alessio over 6 years
      AFAIK, btrfs doesn't support subvolume encryption..at least it didn't last time I looked closely at btrfs a few years ago. zfsonlinux added it last year ("datasets" are the ZFS equivalent to "subvolumes").
  • renyuneyun
    renyuneyun over 6 years
    Were I correct, BTRFS's (supposed) encryption support is for transparent encryption. Is there no way to perform manual encryption on subvolumes?
  • Emmanuel Rosa
    Emmanuel Rosa over 6 years
    The encryption support you mentioned is experimental and as far as I know is not included in mainline. I don't know how well maintained those patches are. Today, encryption for BTRFS is done at the block device level using DM-Crypt/LUKS, which encompasses the entire filesystem; hence there's no sub-volume encryption.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Windows/Linux dual boot full disk encryption
Can't enable BitLocker auto-unlock on drive ("invalid function")
What happens if i move a file from a Bitlocker drive?
Changing System Drive from GPT to MBR
Unlock locked drive with Bitlocker using Password?
Is it possible to partition VeraCrypt fully encrypted disk?
Decrypting a TrueCrypt drive pulled from another machine
How to setup disk-encryption with Ubuntu?
Windows 10 BitLocker on bootup presents just a blue screen but no password box or text.
Create an auto-growing encrypted folder on linux?