Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I periodically backup most of my user data using the only real medium I have handy for the purpose; CD-Rs. I'd like to start doing this cryptographically, so that I don't have all my private data readily accessible via CD; can anyone recommend a tool for doing this? Presumably, I'd need some kind of key management, since there will be quite a few CDs; I'd imagined carrying the keys around on my USB mini drive.
What exactly is your process for backing up this data? It could be very easy to add an encrypting step with gpg. Ex.: (assuming you already have a key prepared)
Then you have your data encrypted, compressed, and on CDR.
Put key on drive:
1. gpg --export > your.key
2. mv to drive
Recover data:
1. go to other box
2. gpg --import < /path/to/your.key
3. cp /mnt/cdrom/backup.tar.bz2.gpg ~/
4. gpg -d backup.tar.bz2.gpg
5. (enter passphrase)
6. you then have an tar.bz2 archive of your data in other home dir.
I have a bash script for doing the backups that should be fairly easy to adapt to such a process.
How do I generate a key? (I'm not very familer with PGP in general...)
In step 5, if you upload this key to the server, then anyone with access to this server, and thus your key, will be able to decrypt the data! I have 2 keys, one I use for email, and one for encrypting my own data.
Simply guard the key with your life. That's why I have multiple keys: 1 to share, so people can decrypt and verify my mail, and one protected so that I can only decrypt my files. If you create a passphrase with your data key, no-one can use it to decrypt without the passphrase.
Fair enough It still seems odd to use PGP for something of this nature, but at least it's well hardened, and a lot more portable/better maintained than other possibilities I've looked at. (CFS has never really impressed me, and TCFS is apparently years out of maintaince).
I assume it would be fairly reasonable, then, to use the same key for all my CDs?
You bet. Just remember that if your key somehow gets out, then your data security will be comprimised. You may want to "chmod 400 ~/.gnupg/pubring.gpg" so that no-one on you system can get your public keys w/o permission.
Great! I've got that working pretty smoothly for me now, though I still havn't scripted the whole bit.
I'm still a bit fuzzy on what I'm supposed to do with my fingerprint, though; the tutorial seems to think it's awfully important for me to hold on to.
>In step 5, if you upload this key to the server, then anyone with
>access to this server, and thus your key, will be able to decrypt
>the data!
Uh, no. You publish your _public_ key. To decrypt data the corresponding
_private_ key is required.
>It still seems odd to use PGP for something of this nature
Yeah, people reccommend it just because they have heard of it
or used it. For this purpose, PGP has no fundamental advantage
over a symetric cypher.
The advantage of public key cyphers is that when communicating
with someone else you can send the public key and enrcypted data
over an insecure channel and an evesdropper can't read the message.
While the PGP idea DID work, I was finding it tedious to have to extract a 700MB tarball off of a disc simply to determine what was on it. After some experimenting, I ended up patching my kernel to support the CryptoAPI and the cryptoloop driver(http://www.kerneli.org/cryptoapi/), and then using a loop device via losetup -e to write an encrypted image directly onto the CD. This way I can transparently decrypt and browse any filesystem I happen to put on a CD without having to read the whole disc or rely on the clunky CFS, which in my experience is riddled with I/O errors and doesn't hide directory structure.
The static size of the container file isn't a problem, since I know in advance that all my images are around 700MB, though I'm still not sure what cipher to use; aes128 has been working well so far.
Assuming all the proper modules have been loaded, my general procedure looks like this:
Backup:
dd if=/dev/zero of=~/loopfile bs=1k count=700k #create 700MB empty file
losetup -e aes /dev/loop0 ~/loopfile #Attach it cryptographically to loop device
[create password]
mkisofs [options] -o /dev/loop0 #Copy stuff to it, OR...
dd if=/dev/cdromx of=/dev/loop0 #Migrate existing plaintext backup
losetup -d /dev/loop0 #Detach, clean up
cdrecord [options] ~/loopfile #Burn encrypted image as-is
rm ~/imagefile #Skip this and reuse the loopfile for another disc if convienent
Restore:
losetup -e aes /dev/loop0 /dev/cdromx #Tie CD to loop device
[provide password]
mount -t [fs] -o [options] /dev/loop0 /mnt/cdromx #Mount system; now it can be used transparently
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.