this is why we don't decrypt the disk without proof of authenticated user (see: LUKS, FileVault)
if you used systemd-cryptsetup to just unlock with the TPM like bitlocker does, there'd be 50 million bypasses on linux too
but nobody does that, cause that's retarded
I suggest that all jailbroken PS4 players obtain the per-console EAP HDD key, in case the mainboard dies or for whatever other reason; you can then extract the data externally on Linux via cryptsetup, using a Linux kernel with UFS2 support.
Copy Fail (CVE-2026-31431) exploits Linux kernel memory management to corrupt binaries in page cache without touching disk, creating a forensic blind spot where traditional file integrity monitoring fails completely.
Key technical details:
• 9-year-old optimization in algif_aead.c allows in-place AEAD operations, but the authencesn implementation writes scratch data at offset assoclen + cryptlen into chained page cache pages
• Attack path: AF_ALG socket → splice() target binary pages → sendmsg/recvmsg loop to inject shellcode into cached /usr/bin/su → execute for root shell
• Affects kernels 4.14-7.0 (essentially all Linux since 2017), including LTS branches 6.12.x, 6.6.x, 5.15.x, 5.10.x
• In containerized environments, page cache sharing enables container-to-host privilege escalation bypassing all pod security policies
DFIR implications:
• File integrity monitors see clean disk while memory contains corrupted executable
• Standard audit trails show normal su execution with no suspicious file writes
• Syscall-level detection required: monitor AF_ALG SOCK_SEQPACKET socket creation outside disk-encryption tools (cryptsetup, veritysetup)
• Post-incident forensics limited without real-time syscall capture of socket/splice/sendmsg operations
Deploy auditd rules for AF_ALG socket monitoring and Falco detection rules. Page cache corruption is invisible after reboot without preserved memory dumps.
#DFIR_Radar
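The post's detection bullet (flag AF_ALG SOCK_SEQPACKET socket creation by anything other than the disk-encryption tools) can be turned into a small triage script over auditd output. The following is an added example, not code from the original post or from any vendor: it assumes auditd is already logging socket() via a rule like AUDIT_RULE below, parses the standard key=value SYSCALL record format on x86_64, and runs over a handful of constructed sample records.

```python
"""
Triage auditd SYSCALL records: report AF_ALG socket creation by processes
that are not the expected disk-encryption tools.

Added example (not part of the original post). Assumes auditd is logging
socket() calls on x86_64; the sample log lines below are constructed.
"""
import re
from dataclasses import dataclass

# auditctl rule that makes socket(AF_ALG, ...) visible (x86_64).
# 38 is AF_ALG on Linux; the key lets you pull matches with `ausearch -k af_alg`.
AUDIT_RULE = "-a always,exit -F arch=b64 -S socket -F a0=38 -k af_alg"

AF_ALG = 38
SOCK_SEQPACKET = 5
SOCK_TYPE_MASK = 0xF          # a1 may also carry SOCK_CLOEXEC / SOCK_NONBLOCK bits
SYS_SOCKET_X86_64 = 41        # socket() syscall number when arch=c000003e

# Programs the post names as legitimate AF_ALG users; extend for your fleet.
ALLOWED_COMM = {"cryptsetup", "veritysetup"}

# key=value pairs; quoted values (comm="...", exe="...") may contain spaces.
_KV = re.compile(r'(\w+)=("([^"]*)"|\S+)')


@dataclass
class Alert:
    pid: int
    comm: str
    exe: str
    sock_type: int
    reason: str


def parse_record(line):
    """Turn one auditd record into a dict of its key=value fields."""
    fields = {}
    for m in _KV.finditer(line):
        fields[m.group(1)] = m.group(3) if m.group(3) is not None else m.group(2)
    return fields


def is_af_alg_socket(rec):
    """True for an x86_64 SYSCALL record of socket() with family AF_ALG."""
    if rec.get("type") != "SYSCALL" or rec.get("arch") != "c000003e":
        return False
    if int(rec.get("syscall", "-1")) != SYS_SOCKET_X86_64:
        return False
    return int(rec.get("a0", "0"), 16) == AF_ALG   # a0..a3 are logged in hex


def triage(lines, allowed=ALLOWED_COMM):
    """Return an Alert for every AF_ALG socket opened by a non-allowlisted comm."""
    alerts = []
    for line in lines:
        rec = parse_record(line)
        if not is_af_alg_socket(rec):
            continue
        comm = rec.get("comm", "?")
        if comm in allowed:
            continue
        sock_type = int(rec.get("a1", "0"), 16) & SOCK_TYPE_MASK
        reason = ("AF_ALG SOCK_SEQPACKET socket by non-crypto tool"
                  if sock_type == SOCK_SEQPACKET
                  else "AF_ALG socket with unexpected type by non-crypto tool")
        alerts.append(Alert(int(rec.get("pid", "0")), comm,
                            rec.get("exe", "?"), sock_type, reason))
    return alerts


# Constructed sample records (not real captures): one legitimate cryptsetup
# call, one AF_INET socket, one PROCTITLE record, and one suspicious call
# with SOCK_SEQPACKET|SOCK_CLOEXEC (0x80005) from an unknown binary.
SAMPLE_LOG = [
    'type=SYSCALL msg=audit(1712345678.101:4001): arch=c000003e syscall=41 '
    'success=yes exit=3 a0=26 a1=5 a2=0 a3=0 items=0 ppid=1100 pid=1234 '
    'auid=1000 uid=0 comm="cryptsetup" exe="/usr/sbin/cryptsetup" key="af_alg"',
    'type=SYSCALL msg=audit(1712345678.102:4002): arch=c000003e syscall=41 '
    'success=yes exit=4 a0=2 a1=1 a2=6 a3=0 items=0 ppid=1 pid=2000 '
    'auid=1000 uid=1000 comm="curl" exe="/usr/bin/curl" key=(null)',
    'type=PROCTITLE msg=audit(1712345678.103:4003): proctitle="unknownbin"',
    'type=SYSCALL msg=audit(1712345678.104:4004): arch=c000003e syscall=41 '
    'success=yes exit=3 a0=26 a1=80005 a2=0 a3=0 items=0 ppid=3000 pid=4242 '
    'auid=1000 uid=1000 comm="unknownbin" exe="/tmp/unknownbin" key="af_alg"',
]


if __name__ == "__main__":
    for a in triage(SAMPLE_LOG):
        print(f"pid={a.pid} comm={a.comm} exe={a.exe} type={a.sock_type}: {a.reason}")
```

The allowlist is keyed on comm, which a process can set freely, so treat it as a noise filter rather than a trust decision; the exe path and the auid are kept in the alert so an analyst can corroborate. Correlating the socket's returned fd (exit=) with subsequent splice/sendmsg records from the same pid is the natural next step if you also log those syscalls.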
You can use dm-crypt without a header:
cryptsetup open --type plain <flags for all crypto parameters>
Note that this is not really the same as hidden volumes in VeraCrypt.
KODACHI security packages
ufw - will install
macchanger - will install
firejail - will install
apparmor - already installed
apparmor-utils - will install
apparmor-profiles - will install
aide - will install
lynis - will install
rkhunter - will install
chkrootkit - will install
usbguard - will install
ecryptfs-utils - will install
cryptsetup - will install
cryptsetup-initramfs - will install
cryptsetup-nuke-password - will install
fail2ban - will install
unattended-upgrades - will install
auditd - will install
libpam-pwquality - will install
libpam-google-authenticator - will install
secure-delete - will install
wipe - will install
nwipe - will install
Check what shows up in the logs:
sudo journalctl -b -1 | grep -iE 'crypt|luks|cryptsetup|dm-crypt'
See whether it got unlocked, or how it appears. Maybe it was left powered on with some service running.
I ended up in an infinite loop where LUKS kept failing on a TPM key that could not be released instead of falling back to the passphrase. At least it led me to discover systemd-cryptsetup...
man7.org/linux/man-pages/man…
Once I found it, I was left with something like this:
65900000 4c 55 4b 53 ba be 00 01 [...] |LUKS....aes.....|
Next step is to set up a loop device from this offset:
sudo losetup -o 0x65900000 -r -f /dev/nvme0n1
and open it: sudo cryptsetup luksOpen /dev/loop1 luksdisk
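Finding that offset by hand means hunting for the LUKS magic in a hex dump; the scan can be automated and the header decoded to confirm it is a real one before touching losetup. The following is an added example, not code from the original post: it scans an image or block device for the LUKS magic, decodes the LUKS1 binary header fields (version, cipher, mode, hash, payload offset) from the published LUKS1 layout, reports LUKS2 headers by location only, and prints the losetup command with a decimal offset. The demo image is constructed in memory, with a header deliberately straddling a read-chunk boundary and a bogus magic with an implausible version that must be rejected.

```python
"""
Locate LUKS headers inside a raw image or block device and emit the losetup
command for the first matching offset.

Added example (not part of the original post). Field offsets follow the LUKS1
on-disk format; the demo image below is constructed, not a real capture.
"""
import io
import struct

LUKS_MAGIC = b"LUKS\xba\xbe"
HDR1_LEN = 592                  # size of the LUKS1 binary header
SECTOR = 512
DEFAULT_CHUNK = 4 * 1024 * 1024


def _cstr(b):
    """Decode a NUL-padded ASCII field."""
    return b.split(b"\0", 1)[0].decode("ascii", "replace")


def parse_luks_header(hdr, offset):
    """Decode the header bytes found at `offset`; None if not a plausible header."""
    if hdr[:6] != LUKS_MAGIC or len(hdr) < HDR1_LEN:
        return None
    version = struct.unpack(">H", hdr[6:8])[0]
    if version not in (1, 2):
        return None
    info = {"offset": offset, "version": version}
    if version == 1:
        # LUKS1: cipher-name[32] @8, cipher-mode[32] @40, hash-spec[32] @72,
        # payload-offset (sectors) u32 @104, key-bytes u32 @108, all big-endian.
        payload_sectors, key_bytes = struct.unpack(">II", hdr[104:112])
        info.update(
            cipher=_cstr(hdr[8:40]),
            mode=_cstr(hdr[40:72]),
            hash=_cstr(hdr[72:104]),
            key_bytes=key_bytes,
            payload_offset=offset + payload_sectors * SECTOR,
        )
    return info


def scan_image(fobj, chunk=DEFAULT_CHUNK):
    """Stream through `fobj`, returning decoded headers for every LUKS magic found."""
    headers = []
    tail = b""          # carry-over so a header split across reads is still seen
    consumed = 0        # bytes of the stream read before the current `data`
    while True:
        data = fobj.read(chunk)
        if not data:
            break
        buf = tail + data
        buf_start = consumed - len(tail)
        pos = 0
        while True:
            i = buf.find(LUKS_MAGIC, pos)
            if i < 0:
                break
            # Only decode when the full header is in the buffer; otherwise the
            # magic sits in the tail and is revisited with the next chunk.
            if i + HDR1_LEN <= len(buf):
                info = parse_luks_header(buf[i:i + HDR1_LEN], buf_start + i)
                if info:
                    headers.append(info)
            pos = i + 1
        consumed += len(data)
        tail = buf[-(HDR1_LEN - 1):]
    return headers


def losetup_command(offset, device):
    """Read-only loop device at a decimal byte offset; --show prints the chosen /dev/loopN."""
    return f"losetup -o {offset} -r -f --show {device}"


def build_luks1_header(cipher, mode, hashspec, payload_sectors, key_bytes=64):
    """Construct a minimal LUKS1 header (demo only; key slots and digest left zeroed)."""
    hdr = bytearray(HDR1_LEN)
    hdr[0:6] = LUKS_MAGIC
    struct.pack_into(">H", hdr, 6, 1)
    hdr[8:8 + len(cipher)] = cipher
    hdr[40:40 + len(mode)] = mode
    hdr[72:72 + len(hashspec)] = hashspec
    struct.pack_into(">II", hdr, 104, payload_sectors, key_bytes)
    return bytes(hdr)


def build_demo_image():
    """Constructed 16 KiB image: headers at 1024 and 8092, a bogus magic at 12000."""
    img = bytearray(16384)
    a = build_luks1_header(b"aes", b"xts-plain64", b"sha256", payload_sectors=4096)
    b = build_luks1_header(b"aes", b"cbc-essiv:sha256", b"sha1", payload_sectors=2056)
    img[1024:1024 + HDR1_LEN] = a
    img[8092:8092 + HDR1_LEN] = b
    img[12000:12006] = LUKS_MAGIC               # magic with version 0x0042: rejected
    struct.pack_into(">H", img, 12006, 0x42)
    return bytes(img)


def demo():
    """Scan the demo image with a small chunk so header B crosses a read boundary."""
    return scan_image(io.BytesIO(build_demo_image()), chunk=4096)


if __name__ == "__main__":
    for h in demo():
        print(h)
        print(losetup_command(h["offset"], "/dev/sdX"))
```

On a real device you would pass an open file object for the block device and the default chunk size; the payload_offset it reports is where the encrypted data starts relative to the device, which is useful for sanity-checking that the header and its data region both fit inside the partition you think they belong to.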
There will no doubt be an option for a TPM PIN, as is already the case on Windows. It has been built into and available in cryptsetup for years.