PentHertz

PentHertz / LUKSbox

Public

Store sensitive files in the cloud, or on shared media without trusting the host. LUKSbox is a Rust-based encrypted-container tool with passphrase, FIDO2 (YubiKey, Titan, Nitrokey, Windows Hello), TPM 2.0, and hybrid post-quantum (ML-KEM-768 / 1024) keyslots. Mounts as a real drive on Linux, macOS, and Windows.

luksbox.penthertz.com encryption file secure sensitive-data vault
19
2
69% credibility
Found May 08, 2026 at 19 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Rust
AI Summary

LUKSbox creates portable encrypted file containers for storing sensitive data on untrusted cloud or shared storage, with support for passphrases, hardware keys like FIDO2 and TPM, and post-quantum security.

How It Works

1
🔍 Discover secure storage

You need a safe way to store sensitive files in the cloud without trusting the provider to read them.

2
📥 Get LUKSbox

Download and install the free app that creates unbreakable encrypted vaults.

3
🗝️ Create your vault

Make a new secure container file and pick your unlock method like a strong passphrase or hardware key.

4
📁 Protect your files

Drag your important documents into the vault – now they're encrypted and tamper-proof.

5
☁️ Store anywhere safely

Upload the vault file to any cloud or USB drive; it looks like random data to outsiders.

6
🔓 Unlock on any device

Open the vault with your key, mount it as a drive, and access your files securely.

Data protected forever

Your files stay private and safe, even from future threats like quantum computers.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 19 to 19 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is LUKSbox?

LUKSbox lets you store sensitive files—like GitHub access tokens, PATs, or credentials—in the cloud or on shared drives without trusting the host. It creates a single encrypted vault file that mounts as a real drive on Linux, macOS, or Windows via FUSE or WinFsp, unlocked by passphrase, FIDO2 hardware (YubiKey, Nitrokey), TPM 2.0, or hybrid post-quantum ML-KEM-768/1024 keyslots. Built in Rust, it handles tamper detection and keeps vaults opaque even under subpoena.

Why is it gaining traction?

Unlike VeraCrypt or Cryptomator, LUKSbox offers native FIDO2/TPM support and post-quantum hybrids to thwart "harvest now, decrypt later" attacks, with per-chunk encryption and rollback anchors for cloud sync safety. Devs dig the CLI (`luksbox create vault.lbx; luksbox mount vault.lbx /mnt`) and wizard for quick setup, plus detached headers that make vaults look like random data. It's a smart fix for storing GitHub tokens on Linux/Ubuntu/Windows without leaks.

Who should use this?

DevOps engineers storing GitHub PATs or tokens securely on Ubuntu, Windows, or cloud shares. Mobile devs (Android, Flutter, React Native) needing portable vaults for sensitive data instead of insecure keychains. Backend teams using Supabase or databases who want tamper-proof offsite backups of credentials, or anyone sharing GitHub creds cross-platform without trusting Dropbox/S3.

Verdict

Grab it for high-stakes storage like GitHub personal access tokens—pre-1.0 with 19 stars and 0.7% credibility score, but 30M+ fuzz runs and 9 internal audits show polish beyond its size. Maturity lags on third-party audits; test thoroughly and keep plaintext backups.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.