Linux Matters

Punch up in the garden

Oct 29, 2024
Discover how a switch to gocryptfs transformed secure key storage. Learn the best practices for managing SSH keys on Nix OS and explore user-friendly encryption tools. Delve into the journey of enhancing terminal appearances with Powerline Go and the humorous quest for a new dual-up monitor. Uncover the benefits of automating builds with GitHub Actions and the joys of integrating high-resolution displays to boost productivity while enjoying a special deal!
Ask episode
AI Snips
Chapters
Transcript
Episode notes
ADVICE

Encrypt Files With gocryptfs

  • Use gocryptfs to create an encrypted folder and mount it for easy transparent encryption and decryption.
  • Mount with gocryptfs <encrypted-path> <mount-point> and unmount with fusermount -u <mount-point> when finished.
ANECDOTE

Secrets Used For Deployments

  • Martin stores backups of his GPG, SSH, and even old Mumble certificates inside the encrypted store for deployments and recovery.
  • He also keeps pre-generated SSH host keys to ensure redeployed servers present known identities.
INSIGHT

Sync Encrypted Stores, Not Plaintext

  • Combine gocryptfs with Syncthing to sync only the encrypted data across devices you control.
  • Share the decryption passphrase separately so collaborators can unlock a synchronized encrypted store.
Get the Snipd Podcast app to discover more snips from this episode
Get the app