LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 02-24-2005, 04:39 PM   #1
hamish
Member
 
Registered: Aug 2003
Location: Edinburgh
Distribution: Server: Gentoo2004; Desktop: Ubuntu
Posts: 720

Rep: Reputation: 30
dm-crypt: Moving Encrypted Filesystem


Hello

I was testing dm-crypt to make an encrypted partition on my computer.

I made it, mounted it tested it, umounted, remounted etc etc to test it.

Then I wondered what happens if my computer breaks and I need to get the data from that partition? Can I put it in another computer, and just mount it, like I normally did.

It seems that iwth dm-crypt, you need to make the loop everytime you reboot, before you can mount it:

Code:
cryptsetup.sh -c aes -h ripemd160 -y -b `blockdev --getsize /dev/hdb2` create cryptvol1 /dev/hdb2
you then mount it with:
# mount /dev/mapper/cryptvol1 /mnt/crypt

To test if I could just move the drive to a new computer, I used Gentoo LiveCD. When I ran the above command, which should make the encrypted filesystem on /dev/hdb2, I used the same passphrase which I had set up the system with.

the I tried to mount it (as above), but I was told that I needed to say a filesystem. I tried ext3, but it didn't like that.

It seemed that it didn't want to be mounted.

Does anyone have experience of this? Is i possible to move the hard drive to a new machine?
Hamish
 
Old 02-24-2005, 04:56 PM   #2
hamish
Member
 
Registered: Aug 2003
Location: Edinburgh
Distribution: Server: Gentoo2004; Desktop: Ubuntu
Posts: 720

Original Poster
Rep: Reputation: 30
I have figured out one error I may have made. I may have omitted to create a file system on the /dev/mapper/cryptvol1 file. I just made one on /dev/hdb3.

it seems to work, but I will test some more.

Does anyone know what would happen if a RAID1 (/dev/md0) partition had encryption, and one of the drives broke? How would this be affected?

hamish
 
Old 07-21-2005, 02:57 AM   #3
hamish
Member
 
Registered: Aug 2003
Location: Edinburgh
Distribution: Server: Gentoo2004; Desktop: Ubuntu
Posts: 720

Original Poster
Rep: Reputation: 30
hehe

was just reading through old stuff.

I've been running it for months now.

If one drive breaks, but boot up with Gentoo live cd and remake this:

cryptsetup.sh -c aes -h ripemd160 -y -b `blockdev --getsize /dev/hdb2` create cryptvol1 /dev/hdb2

then mount it (you will be asked for passphrase)

This works, even if /dev/hdb2 is normally in a raid array. The gentoo live cd does not know this, and just mounts it as an indiviual drive.

hamish
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Encrypted Root Filesystem (dm-crypt/loopAES +ext3fs) - Problem dragoncity99 Slackware 6 08-01-2005 12:14 AM
encrypted filesystem done -now what? randomx Linux - Security 1 04-27-2005 06:13 AM
Encrypted Root Filesystem HOWTO and /dev filesystem tmillard Linux From Scratch 0 10-18-2004 03:58 PM
Moving encrypted passwords to a new host paulsm4 Linux - Software 1 09-17-2004 01:40 AM
dm-crypt encrypted filesystem on a CD-ROM qwijibow Linux - General 0 09-14-2004 02:11 PM


All times are GMT -5. The time now is 08:17 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration