<![CDATA[Mounted my first Luksbox, protected by a Yubikey.]]>Mounted my first Luksbox, protected by a Yubikey. Works very well.

Compared to Gocryptfs: you have support for FIDO2 keys.

Compared to veracrypt and truecrypt, the big advantage is you don't have to reserve x Gb for the encrypted partition.

]]>https://board.circlewithadot.net/topic/0c5b3be5-5332-485d-ad1e-4c730caf4455/mounted-my-first-luksbox-protected-by-a-yubikey.RSS for NodeThu, 04 Jun 2026 21:58:37 GMTThu, 21 May 2026 12:19:15 GMT60<![CDATA[Reply to Mounted my first Luksbox, protected by a Yubikey. on Thu, 21 May 2026 15:03:03 GMT]]>@cryptax @Penthertz @gzobra that's the double concept of slots 🙂 you can use them as backup or alternative key, but also to use a different key per user and the user can then update it's key. We could see your slots on the TUI, on the GUI it looks like that:

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/FlUxIuS/statuses/116613171377059270https://board.circlewithadot.net/post/https://infosec.exchange/users/FlUxIuS/statuses/116613171377059270Thu, 21 May 2026 15:03:03 GMT<![CDATA[Reply to Mounted my first Luksbox, protected by a Yubikey. on Thu, 21 May 2026 14:52:47 GMT]]>@FlUxIuS @Penthertz @gzobra oh ? you can share a vault with several users? that's really interesting!

]]>https://board.circlewithadot.net/post/https://mastodon.social/users/cryptax/statuses/116613130974314539https://board.circlewithadot.net/post/https://mastodon.social/users/cryptax/statuses/116613130974314539Thu, 21 May 2026 14:52:47 GMT<![CDATA[Reply to Mounted my first Luksbox, protected by a Yubikey. on Thu, 21 May 2026 14:49:36 GMT]]>@cryptax @Penthertz @gzobra yeah and also reserving slots to other users, so you don't leak your own passphrases and you can revoke the pass if the vault is still safe but someone's key got phished. You have also paranoid mode : PQC + FIDO2+ TPM&PIN + deniable mode -> but that's a really specific mode 😄

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/FlUxIuS/statuses/116613118444143134https://board.circlewithadot.net/post/https://infosec.exchange/users/FlUxIuS/statuses/116613118444143134Thu, 21 May 2026 14:49:36 GMT<![CDATA[Reply to Mounted my first Luksbox, protected by a Yubikey. on Thu, 21 May 2026 14:46:05 GMT]]>@return0media by the way, I'm actually not certain the machine learning algos can recover the initial text when the pixel size is big enough.

But yes, I could have used a full black box instead.

]]>https://board.circlewithadot.net/post/https://mastodon.social/users/cryptax/statuses/116613104625195886https://board.circlewithadot.net/post/https://mastodon.social/users/cryptax/statuses/116613104625195886Thu, 21 May 2026 14:46:05 GMT<![CDATA[Reply to Mounted my first Luksbox, protected by a Yubikey. on Thu, 21 May 2026 14:44:15 GMT]]>@Penthertz @gzobra @FlUxIuS I'm using it to

1) to store particularly sensitive files I don't need all the time. I suppose that's the most common use.

2) + to store malware: I mount the luksbox only when I'm working on them. It's an additional precaution.

]]>https://board.circlewithadot.net/post/https://mastodon.social/users/cryptax/statuses/116613097451816168https://board.circlewithadot.net/post/https://mastodon.social/users/cryptax/statuses/116613097451816168Thu, 21 May 2026 14:44:15 GMT<![CDATA[Reply to Mounted my first Luksbox, protected by a Yubikey. on Thu, 21 May 2026 14:43:26 GMT]]>@Penthertz Ahhh very cool. Thanks for explaining it to me!

]]>https://board.circlewithadot.net/post/https://infosec.exchange/ap/users/116590760552038843/statuses/116613094199093028https://board.circlewithadot.net/post/https://infosec.exchange/ap/users/116590760552038843/statuses/116613094199093028Thu, 21 May 2026 14:43:26 GMT<![CDATA[Reply to Mounted my first Luksbox, protected by a Yubikey. on Thu, 21 May 2026 14:35:18 GMT]]>@Penthertz @return0media yes, you are right, but as @Penthertz replied, actually it's public info, I just didn't see the use of sharing it. It does not show the passphrase or the key or anything sensitive.
So feel free to break it if you wish 🙂

]]>https://board.circlewithadot.net/post/https://mastodon.social/users/cryptax/statuses/116613062234471078https://board.circlewithadot.net/post/https://mastodon.social/users/cryptax/statuses/116613062234471078Thu, 21 May 2026 14:35:18 GMT<![CDATA[Reply to Mounted my first Luksbox, protected by a Yubikey. on Thu, 21 May 2026 12:53:22 GMT]]>@return0media @cryptax the info is actually public, first is the Argonid params and second is the credid used by the fido2 device and can be regenerated. Even with credid and salt you will need the fido2 key at the end to attempt something. If you have it you'll need the pin/passphrase to authenticate

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/Penthertz/statuses/116612661406481047https://board.circlewithadot.net/post/https://infosec.exchange/users/Penthertz/statuses/116612661406481047Thu, 21 May 2026 12:53:22 GMT<![CDATA[Reply to Mounted my first Luksbox, protected by a Yubikey. on Thu, 21 May 2026 12:47:07 GMT]]>@cryptax There are machine learning algos that can unscramble this type of masking. I'd recommend using a full black box to cover it if this is actually important.

]]>https://board.circlewithadot.net/post/https://infosec.exchange/ap/users/116590760552038843/statuses/116612636806355077https://board.circlewithadot.net/post/https://infosec.exchange/ap/users/116590760552038843/statuses/116612636806355077Thu, 21 May 2026 12:47:07 GMT<![CDATA[Reply to Mounted my first Luksbox, protected by a Yubikey. on Thu, 21 May 2026 12:42:53 GMT]]>@gzobra @cryptax @FlUxIuS feedback are welcomed! If that project can solve problems we had in the past sharing sensitive files and remembering/storing complex passwords, we'd love to know too 🙂

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/Penthertz/statuses/116612620215775454https://board.circlewithadot.net/post/https://infosec.exchange/users/Penthertz/statuses/116612620215775454Thu, 21 May 2026 12:42:53 GMT<![CDATA[Reply to Mounted my first Luksbox, protected by a Yubikey. on Thu, 21 May 2026 12:32:03 GMT]]>@cryptax
Nice, i discover that project through your post.

@FlUxIuS @Penthertz
Interesting project, i will try i soon.

Thank you to both of you

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/gzobra/statuses/116612577572194284https://board.circlewithadot.net/post/https://infosec.exchange/users/gzobra/statuses/116612577572194284Thu, 21 May 2026 12:32:03 GMT<![CDATA[Reply to Mounted my first Luksbox, protected by a Yubikey. on Thu, 21 May 2026 12:27:54 GMT]]>@cryptax @Penthertz thank you for this warm post! FIDO2 was actually our first support before the hybrid post-quantum mode. You can play with the CLI, TUI and GUI 🙂 bugs & vulns finding are welcome and we also provide fuzzing harnesses also as an example

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/FlUxIuS/statuses/116612561276844868https://board.circlewithadot.net/post/https://infosec.exchange/users/FlUxIuS/statuses/116612561276844868Thu, 21 May 2026 12:27:54 GMT