Is it possible to convert the default encryption to VeraCrypt?

Hello,
I recently installed Fedora using the encryption option offered during the installation process, but it seems that LUKS doesn’t have a particular feature that VeraCrypt has. Can I make this conversion, or do I have to do a clean install without encryption?

which one?


what data are you going to encrypt? /home only, or / as well? How are you planning to boot the machine?

2 Likes

The hidden operating system feature.

/ too.

Via the VeraCrypt boot loader as required for the hidden operating system. But I’m not deadset on using veracrypt, if LUKS can do the same thing I wouldn’t mind just keep using it.

I don’t believe there is veracrypt support in Anaconda, so it’s not something that you would be able to do at install time. It is theoretically possible to do post install, but undoing the LUKS encryption (which isn’t trivial) and re-encrypting with veracrypt. This assumes that grub can grok veracrypt. Seeing as veracrypt isn’t in the Fedora repos, I definitely can’t promise you that it would work or even where you should really begin.

2 Likes

Good catch! I looked for Fedora support and found one .rpm file. However, I noticed that the last stable release was from early 2022. I’m not sure if this is a bad sign.

It’s not a good sign.

I know this is slightly off-topic, but can LUKS or any other encryption method that is more reliable than VeraCrypt handle plausible deniability? Or is plausible deniability just a tinfoil hat concept?

no, cannot.

1 Like

It depends on your threat model.
A comprehensive inspection can identify abnormalities, and then it becomes a question of how much the other side respects your human rights and how resilient you are to physical and psychological impact.
E.g. if a huge part of your drive is not allocated and looks like a black box, someone might have questions.

1 Like