2025-10-01 –, Gallery
In the Linux world there are several tools and technologies to encrypt data on a hard drive, most falling into one of two categories: block device encryption (like LUKS) or stacked filesystem encryption (like EncFs or gocryptfs). This presentation will introduce Dirlock, a new tool that belongs to a third category: native filesystem encryption, using the kernel's fscrypt API. Dirlock is currently being developed and its aim is to provide a flexible way to encrypt files, suitable for both user accounts and arbitrary directories, with full PAM integration, support for hardware-backed mechanisms such as FIDO2 or TPM and with a D-Bus API for easy management.
Alberto Garcia is a software engineer working at Igalia. He has more than two decades of professional experience working with open source projects and Linux-based devices and operating systems. He is an active Debian developer and has years of contributions to projects like QEMU and to operating systems such as Maemo, MeeGo and SteamOS.