I’ve been using veracrypt for the past 4 years to create container files in everything from thumb drives to external hard drives. After upgrading one of my backup drives, I decided that I will switch to a different filesystem altogether going on, from ntfs to ext4, since I havent really used windows in those 4 years. With the reasoning behind using veracrypt and ntfs in the first place being for compatibility, should I switch to LUKS? Veracrypt is dramatically more feature rich but I dont really take advantage of those. I just encrypt my drives in case of burglars and other unwanted eyes. I do already have a disaster plan in place so I would have to do a total overhaul of things, but I’m not sure if this is a wise decision. My gut says no but what do you think? What would I gain?
Edit: shouldve added that these drives are for warm storage for my weekly manual backups of files.
Edit 2: the general opinion is to use a tool that supports encryption but I dont really feel comfortable with that but do appreciate it. It’s just I’ve been manually updating my backup drives for a while now and like how simple my routine is. Think my decision is to just stick with veracrypt but format every future drive (including a new one I ordered) as ext4. My current drives wont be reformatted in order to reduce unnecessary wear on them. Thank you all for your help
I’m by no means a security expert, but I encrypt all my drives with LUKS on ext4 (or btrfs with the system drive on Fedora). I have a similar use case to yours, so i would be interested in your disaster plan as you call it.
Oh by disaster plan I mean incase of drive failure/my death. Its the 3,2,1 backup rule basically. 1 original backup drive and a copy of it are local in a fire resistant box within a bolted down safe, then an offsite cold copy of my backup drive is at a loved one’s home where backups are manually updated monthly. The more important data is also stored in the cloud with cryptomator just as more insurance for myself. A laminated paper with credentials needed to access the data is stored in 2 places, another loved one’s home in their safe (cloud provider account credentials opted out) with instruction in case I die, and hidden local in case I forget anything.
This is exactly my backup strategy even using cryptomator for a cloud backup. My PC and kiddos laptops are all linux so have no worries about needing a Windows machine for recovery and even if all systems died I could always use a live distro to boot elsewhere and access my files.