Using SiriKali to encrypt data via the GUI

Encryption tools don't always have to be expansive like TrueCrypt and VeraCrypt in order to be able to encrypt data. For various reasons, it often makes more sense to work with individual files. For instance, the user who wants to upload unencrypted files into the cloud can choose from various Linux applications.

SiriKali [1] originated with the same developers who created zuluCrypt. Previously known as cryfs-gui, SiriKali now combines four relevant tools under an easy-to-use interface: CryFS [2], EncFS [3], gocryptfs [4], and securefs [5].

The use of file-based encryption brings with it the advantage that the containers can grow with the content. With TrueCrypt and VeraCrypt, on the other hand, the containers have a fixed size that is independent of the actual contents.

Speedy Installation

It is easy to install SiriKali. To install in Ubuntu, run the commands shown in Listing 1.

$sudo sh -c "echo ,deb http://download.opensuse.org/repositories/home:/mhogomchungu/xUbuntu_16.10/ /' > /etc/apt/sources.list.d/sirikali.list"
$ wget http://download.opensuse.org/repositories/home:mhogomchungu/xUbuntu_16.10/Release.key
$ sudo apt-key add - < Release.key
$ sudo apt-get update
$ sudo apt-get install sirikali

Alternatively, you can manually download the packages from the repository [6] and then install them.

Then install the programs that you want to use with the interface. The command in Listing 2 sets up CryFS under Debian and Ubuntu as a normal user or directly as a DEB package [7]. Users of other distributions build the package from the source code according to instructions under the menu option Other .

$ wget -O - https://www.cryfs.org/install.sh | sudo bash

Theoretically, the simplest thing to do is to install EncFS. The developers have been working on this project since 2003, and all of the most popular distributions, including Ubuntu, offer the tool in their repositories. However, it can only be applied under certain conditions. This is because a 2014 security audit [8] uncovered security gaps that the developers still need to fix. To learn more about EncFS, turn to page 8 in this issue.

In the meantime, gocryptfs promises that its standard encryption procedures get around the gaps existing in EncFS. The project hopes to become the successor to EncFS. It offers a binary package for Debian, which works fine in Ubuntu [9].

In order to install this tool, decompress the corresponding archive and move the executable files it contains to a directory for which you have write rights, like ~/bin in the home directory.

The last member of this little toolset is securefs [10]. The best way to install this, is to use git to download the repository. So first, install git:

sudo apt install git

Then use it to grab the repository:

git clone https://github.com/netheril96/securefs.git

After downloading the archive, check for dependencies. Building requires the packages cmake , fuse , and libfuse-dev .

sudo apt install cmake fuse libfuse-dev

Then issue the command:

cmake .

from the downloaded directory. It is important to remember the period at the end of the command. Not much will happen if it is left out. Then issue the sudo make install command, and securefs will install on the disc ready to go.

Straightforward English

Once the preparations described above have been completed, you can start SiriKali. The tool opens with a tidy window that has only a few operating elements. The interface is written in plain and simple English (Figure 1).

Figure 1: The SiriKali interface has just a few elements, each of which clearly represents a function.

Next you should become acquainted with the Menu options. The selection of supported encryption tools is found under Create Volume . All of the other operating elements are usable only after a container has been set up.