Trust
Safe and secure
Encryption-at-rest requirements, met anywhere you run Linux.
Built by Fraudmarc
Our team has run production infrastructure since 2005, from maintaining the Xen hypervisor's 3.4 stable branch in the years it powered AWS and Rackspace, to authorizing billions of enterprise emails a month at Fraudmarc today. Panocrypt brings that same operating discipline to Linux encryption at rest.
We never hold your keys
The unlock key is created, wrapped, and stored on your machine. Binding creates a cryptographic dependency, not a custody relationship: Panocrypt cannot produce your disk keys, passphrases, or plaintext.
How managed unlock works
At boot, your distro's native Clevis code asks Panocrypt to participate in a McCallum-Relyea exchange: ECDH-derived binding at setup, a blinded ECDH recovery step at unlock, policy checked first. TLS protects the request context. McCallum-Relyea protects the disk secret.
Is IP-based unlock safe?
We spent a decade in email authentication, where SPF set the precedent: a domain publishes which server IPs are authorized to send its mail. Panocrypt applies the same model to unlock policy. Like email, requests travel over IP with strong TLS encryption. Manual approvals add a human in the loop when you want one.
Turn us off any time
Disable unlocks in the control plane, or remove the Panocrypt keyslot from the disk entirely. Either way, Panocrypt can no longer participate in unlocking that machine.
How to remove a binding
Audited
SOC 2 audited, with a decade of enterprise security reviews behind us.