LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 01-13-2007, 08:46 PM   #1
Chinook06
LQ Newbie
 
Registered: Mar 2006
Posts: 15

Rep: Reputation: 0
Encrypted filesystem and boot from flash


I want encrypt filesystem. I want to save password on flash disk, but when I boot want write some short paraphrase for access to password on flash. How it do it?
 
Old 01-13-2007, 08:59 PM   #2
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 331Reputation: 331Reputation: 331Reputation: 331
Have a look at True Crypt.

http://www.truecrypt.org/

I started using it about a week ago. The nice thing about it is that it works on numerous platforms. You can have your pass phrase on a USB. It is as easy to use as cryptoloop but you don't have to worry about what encryption algorithms are available on any given kernel. It requires 2.6.x kernel and device mapper on Linux. It also works on Windows and on *BSD.

The encrypted files do not have any header information to give away the encryption algorithm used to create the file. Sweet. I think I'm in love.

Here is an example of creating an encrypted file system on /dev/sda1 with True Crypt.
Code:
truecrypt -c /dev/sda1
It will ask a bunch of questions. When it asks if you want FAT or none you should enter none. Once you have answered all of the questions it will set up the partition. Then you need to format the partition under True Crypt.
Code:
truecrypt /dev/sda
<password>
mkfs -t ext3 /dev/mapper/truecrypt0
That takes care of the one time tasks. Now you can mount /dev/mapper/truecrypt0 just as you would any other block device.
Code:
mount -o noexec /dev/mapper/truecrypt0 /home
True Crypt will take care of unmounting cleanly during system shutdown.

The next time that you boot you just have to tell True Crypt to connect to /dev/sda1 and then you can mount it.
Code:
truecrypt /dev/sda1
<password>
mount -o noexec /dev/mapper/truecrypt0 /home
It's easy to use.

Oh yeah. Part of the process of creating the encrypted partition asks if you want to create a key file. You would say yes. Put the key file on the USB. There you are. Of course if you encrypted the USB with True Crypt first it would be even more secure.

Last edited by stress_junkie; 01-13-2007 at 09:15 PM.
 
  


Reply

Tags
truecrypt


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
mount encrypted filesystem fails on boot blackcompany Suse/Novell 0 06-12-2006 09:26 AM
encrypted filesystem done -now what? randomx Linux - Security 1 04-27-2005 06:13 AM
How to boot an encrypted filesystem from removable medium? Vincent_Vega Linux - Security 2 11-19-2004 02:54 PM
Encrypted Root Filesystem HOWTO and /dev filesystem tmillard Linux From Scratch 0 10-18-2004 03:58 PM
encrypted virtual filesystem EdoardoC Linux - Security 6 04-19-2004 10:16 AM


All times are GMT -5. The time now is 07:31 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration