So I just set up a ZFS file server.
5x3TB disks in a RaidZ2, yes it should be 6 for 'max performance' but I'm one user. I wanted the double parity.
Right now at home, my PC is copying my 'data' drive into an encrypted VeraCrypt archive (TrueCrypt).
These are fixed size (mine is 1TB), and I realized that I'm missing out on the features of ZFS by keeping my files in a container. like that.
What was appealing, was that I can 'mount' the VeraCrypt archive and it's just "another hdd" to my windows system.....
This sounded great, until I realised I derped on something I do every day; mapping shared folders to drive letters.....aren't I clever.
So, I can make a 'Data' share on my ZFS and map it, great... what this DOESN'T help with, is encryption.
a Cryptographic Archive still has the advantage that once it's mounted, it's "all unencrypted" to the end user.... but the down side that ZFS can only checksum the one file (the container) which isn't ideal.
So I got to thinking; What do those "Crypto Locker" viruses use? They encrypt on a per-file basis.
On top of that, is there a 'tool' that I can run, that lets me decrypt them on the fly?
File names aren't specifically 'secret', I just don't want the data readable in the event of a breach. I have things like contact lists (in plain text) and such.
What would be nice, would be something that encrypts all the files, on a per file basis, but has a system tray type tool that decrypts on the fly, passively, so the computer never knows.
JPEG is encrypted.
JPEG is stored on ZFS server (network share)
I Open GIMP on my local server, and want to edit the JPEG.
I navigate the network share to find the JPEG, and open it.
The 'Tool' (system tray?) notices that file access, and feeds a decrypted stream to GIMP.
Meanwhile a hacker gets into my share WITHOUT the 'tool' and password.
Steals my JPEG.
And it's junk.
Anything like this even remotely exist?