LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-03-2015, 05:39 AM   #1
skoda
Member
 
Registered: Jun 2013
Posts: 111

Rep: Reputation: Disabled
Password Protect ext3 partition in a USB External Drive


Hi folks,

as my title says, i need to protect an ext3 partition in my external 500GB toshiba usb hard diks. it is a 250gb Partition. so if i try to open the partition on any linux or windows system (using a utility), it should ask for a password to open the partition. pls advise.
 
Old 02-03-2015, 06:25 AM   #2
J Martin Rushton
Member
 
Registered: Jan 2015
Location: England
Distribution: Mainly CentOS
Posts: 31

Rep: Reputation: Disabled
Google or Wikipedia for "whole disk encryption".
 
Old 02-03-2015, 06:58 AM   #3
veerain
Senior Member
 
Registered: Mar 2005
Location: Earth bound to Helios
Distribution: Custom
Posts: 2,524

Rep: Reputation: 319Reputation: 319Reputation: 319Reputation: 319
For windows you may use Truecrypt. For linux you can use cryptsetup.

Cryptsetup has some support for truecrypt. But the reverse is not true.

Read good docs on both.

Web search, wikipedia, your friend. Sometime docs in archwiki also help.
 
Old 02-03-2015, 10:38 AM   #4
maples
Member
 
Registered: Oct 2013
Location: IN, USA
Distribution: Arch, Debian Jessie
Posts: 813

Rep: Reputation: 264Reputation: 264Reputation: 264
Didn't I see something a few months ago where TrueCrypt basically closed down after they did a self-audit?

Their website no longer exists, and their Sourceforge page only has instructions on how to migrate Windows to BitLocker.
 
Old 02-03-2015, 10:57 AM   #5
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 18,985

Rep: Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315
Quote:
Originally Posted by maples View Post
Didn't I see something a few months ago where TrueCrypt basically closed down after they did a self-audit? Their website no longer exists, and their Sourceforge page only has instructions on how to migrate Windows to BitLocker.
You are correct, they did, and they even issued multiple statements to that effect, and even advised people to NOT use truecrypt.

OP, using cryptsetup with luks will get you what you're after for Linux. Not sure about LUKS support for Windows (or even EXT3 support for Windows).
Quote:
Originally Posted by veerain
For windows you may use Truecrypt. For linux you can use cryptsetup. Cryptsetup has some support for truecrypt. But the reverse is not true. Read good docs on both. Web search, wikipedia, your friend. Sometime docs in archwiki also help.
As you told me in another thread "your security attitude/conscious is great!" You advised someone to use something that its own inventors said was insecure, and that fact has been well publicized.
 
Old 02-03-2015, 01:17 PM   #6
maples
Member
 
Registered: Oct 2013
Location: IN, USA
Distribution: Arch, Debian Jessie
Posts: 813

Rep: Reputation: 264Reputation: 264Reputation: 264
I remember a project called Ext2FSD or something that was a ext2/3 driver for Windows. (It had read support for ext4, but writing was still experimental.) For me, it worked on Win7, but not on 8/8.1...

I have no idea if it supported encryption, I never looked.

EDIT: Apparently there's a Switzerland-based group that plan on releasing a successor to TrueCrypt: https://truecrypt.ch/ And I also came across http://veracrypt.codeplex.com/

Last edited by maples; 02-03-2015 at 01:21 PM.
 
Old 02-03-2015, 01:23 PM   #7
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,508

Rep: Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102
Quote:
Originally Posted by TB0ne View Post
You are correct, they did, and they even issued multiple statements to that effect, and even advised people to NOT use truecrypt.

As you told me in another thread "your security attitude/conscious is great!" You advised someone to use something that its own inventors said was insecure, and that fact has been well publicized.
It's not insecure, it's just unsupported. Nobody has found a weakness or insecurity in truecrypt yet, and it's passed many audits and tests without issue. It's just as secure today as it was when they released their last update years before they announced they were stopping support (and since there hadn't been any insecurities/bugs found or updates published in years anyway, what does that "support" really mean?)

The whole "Truecrypt is insecure, don't use it!" BS was just to cover their asses. It is true that if an insecurity is found, it won't be patched, but until an insecurity is found it's kind of a moot point.

It wasn't abandoned because any problem was found, it was abandoned because more and more OSs were integrating full disk encryption on their own, rendering TrueCrypt's full disk encryption redundant and pointless to keep maintained (not that they were doing much maintenance anyway, since AFAIK no problems had been found in many years).

Last edited by suicidaleggroll; 02-03-2015 at 01:31 PM.
 
Old 02-03-2015, 01:25 PM   #8
Miati
Member
 
Registered: Dec 2014
Distribution: Linux Mint 17.*
Posts: 326

Rep: Reputation: 106Reputation: 106
Perhaps check this out
https://github.com/t-d-k/doxbox

It's for windows, but says it works with LUKS (amongst other things)
I've never used it (don't use M$) but it's an option.

Quote:
Originally Posted by suicidaleggroll View Post
it's passed many audits and tests without issue.
What audits and tests? I'm only aware of one and there are issues in it. (goto pg.13)

That's not a suprise of course, everything has bugs. But saying it has passed audit(s?) without issue isn't true.
However, since it has been audited, that's dramatically more then other options. In particular the one I mentioned

Last edited by Miati; 02-03-2015 at 01:33 PM.
 
2 members found this post helpful.
Old 02-03-2015, 10:31 PM   #9
veerain
Senior Member
 
Registered: Mar 2005
Location: Earth bound to Helios
Distribution: Custom
Posts: 2,524

Rep: Reputation: 319Reputation: 319Reputation: 319Reputation: 319
Yes Truecrypt is shutdown. But it may still work.

A new site which provides download of last stable releases of truecrypt is there. They are not developing it for now but they may.
 
Old 02-04-2015, 05:44 AM   #10
skoda
Member
 
Registered: Jun 2013
Posts: 111

Original Poster
Rep: Reputation: Disabled
Thanks guy for all your comments.
 
Old 02-04-2015, 08:59 AM   #11
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 18,985

Rep: Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315
Quote:
Originally Posted by veerain View Post
Yes Truecrypt is shutdown. But it may still work.
Again, from TrueCrypt's own web page:
Quote:
Originally Posted by TrueCrypt
WARNING: Using TrueCrypt is not secure
...and you're still recommending someone use it??? As you told me in another thread "your security attitude/conscious is great!"
Quote:
A new site which provides download of last stable releases of truecrypt is there. They are not developing it for now but they may.
...and there is no need to go to an unknown, third-party site, since you can still download the last, stable release of it, FROM THE TRUECRYPT SITE. Why would ANYONE go to an unknown site to download something related to encryption?
 
Old 02-04-2015, 10:28 AM   #12
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,508

Rep: Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102
Quote:
Originally Posted by Miati View Post
What audits and tests? I'm only aware of one and there are issues in it. (goto pg.13)

That's not a suprise of course, everything has bugs. But saying it has passed audit(s?) without issue isn't true.
However, since it has been audited, that's dramatically more then other options. In particular the one I mentioned
The last I saw they hadn't found anything, and I seem to remember other tests being done in the past with no issues to report, though I can't seem to find them now. Thanks for the link though, good to know.
 
Old 02-04-2015, 10:57 AM   #13
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,508

Rep: Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102
Quote:
Originally Posted by TB0ne View Post
Again, from TrueCrypt's own web page:

...and you're still recommending someone use it??? As you told me in another thread "your security attitude/conscious is great!"
That's just a CYA (cover your ass) message. I'm about 99% sure that if they hadn't made the announcement that they were stopping support, and it was still technically "supported" like it has been in the past, there still wouldn't be any updates since the last one in February 2012 (3 years ago). So what makes it so insecure now when it wasn't insecure 3 years ago, considering the few issues found in the audit linked above are relatively minor? Especially considering none of the alternatives have been audited at all, as far as I'm aware.

Last edited by suicidaleggroll; 02-04-2015 at 10:59 AM.
 
Old 02-04-2015, 12:19 PM   #14
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 18,985

Rep: Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315Reputation: 4315
Quote:
Originally Posted by suicidaleggroll View Post
That's just a CYA (cover your ass) message. I'm about 99% sure that if they hadn't made the announcement that they were stopping support, and it was still technically "supported" like it has been in the past, there still wouldn't be any updates since the last one in February 2012 (3 years ago). So what makes it so insecure now when it wasn't insecure 3 years ago, considering the few issues found in the audit linked above are relatively minor? Especially considering none of the alternatives have been audited at all, as far as I'm aware.
It could very well be a CYA message. However, when a VERY popular program such as that comes out with such an announcement, there has to be more to it than that. Could be there is some sort of exploit that was discovered, and they don't want to publicize it. The CODE could be fine and pass an audit, but the method used for the keys or other pieces/parts could be vulnerable.

Either way...I'll go with what the authors suggest in this case.
 
Old 02-04-2015, 12:42 PM   #15
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,508

Rep: Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102Reputation: 2102
Quote:
Originally Posted by TB0ne View Post
It could very well be a CYA message. However, when a VERY popular program such as that comes out with such an announcement, there has to be more to it than that.
Nope, they made it quite clear. Their page even says as much:
Quote:
WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues

The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images.
http://truecrypt.sourceforge.net/

The reason they ended support was because XP went out of support and Vista+ offers integrated encryption. The reason they're saying it's insecure is because some time in the future a vulnerability may be discovered, and if so, it would not be patched. Until that vulnerability is discovered, it's just as secure as it was 3 years ago when 7.1a was released.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
USB writing problem with external drive (ext3) ghost333 Linux - Hardware 3 10-05-2009 11:38 AM
External USB Drive Ext3 Fsck Error on Boot macgyver007 Linux - Desktop 8 08-22-2009 12:02 AM
How do I unsave a Gnome-saved password of my ext3 external USB hard-drive? simonsharry Linux - Newbie 5 02-15-2009 02:15 AM
ext3 partition on external USB hard drive mounted, but only root access allowed leontini Linux - Hardware 4 02-17-2006 01:54 AM
Problem with Booting after creating ext3 partition on External USB ynyus75 SUSE / openSUSE 1 11-13-2005 02:23 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 12:56 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration