google / fscrypt

Go tool for managing Linux filesystem encryption
Apache License 2.0

Inability to change fscrypt's default directory #404

Closed srmfx closed 5 months ago

srmfx commented 5 months ago

It's easy to tell what kind of cryptography someone uses in their systems when you look at the directory called /.fscrypt. Currently there's no way to change /.fscrypt's directory nor any of the configuration files stored in /etc/ used by fscrypt.

ebiggers commented 5 months ago

It sounds like you'd like to conceal the fact that you're using fscrypt, so that if someone looks at the filesystem it's not possible to tell that fscrypt is being used. I'm afraid this isn't possible; it will always be possible to tell. This would be true even if no metadata files were stored on-disk, due to the encrypted files themselves. The security provided by fscrypt comes from cryptography, not from obfuscation.