LinuxQuestions.org
Old 11-02-2006, 07:54 AM   #1
make
Member
 
Registered: Apr 2004
Distribution: Mandriva, Ubuntu, openSuSE, FreeBSD, OpenSolaris, PC-BSD
Posts: 185

Rep: Reputation: 30
How safely encrypted are my files?


I've been using my current setup on several computers for almost a year. Now I've begun to wonder how safe it would in fact be against theft.

Scenario: Someone steals my Linux-laptop (power off) which has its hard drive protected with the following encryption setup. This person is not interested enough to spend months on trying to break the encryption, but is still interested in a quick spy of what the disk contains. Can I assume that my files should be relatively safe from such casual and trivial spying attempts?

Setup concerning the encryption:

Keyfile was created with:

Code:
$ dd if=/dev/random bs=1c count=32 | gpg -c -a >keyfile

Code:
$ cat /etc/fstab
/dev/hda5 /home reiserfs noexec,encryption=AES256,gpgkey=/mnt/removable/keyfile,noatime,notail,nosuid
none /tmp tmpfs size=256m,noexec,nosuid,noatime 0 0
/dev/hda1 swap swap defaults,noatime,encrypted 0 0

The GPG keyfile is located on a memory card, which is kept separate from the laptop, never in the laptop case. Desktop PCs, on the other hand, get the keyfile from an encrypted NAS device on the network. The keyfile is never stored on the computers' hard drives. pam_mount mounts the encrypted /home partition at login. /tmp is located on a tmpfs, thus wiped at every boot. I use a different keyfile for every partition, even when located on the same computer.

Now, obviously this setup cannot offer as wide protection as encrypting the whole hard drive could. But it also doesn't take as much time to implement. System logging is disabled, so /var should not reveal anything special.

What do you think about my setup? What should I improve or change? Should I change from Loop-AES to DM-Crypt, Enc-FS or something else? I don't need military grade protection, just don't want my work documents to leak outside the company.

Extra question: What about the safety of the Mac OS X Tiger FileVault on my MacBook? I find it hard to locate reliable comparisons between different encryption methods, although I've been googling and reading lots and lots of articles.

Last edited by make; 11-02-2006 at 10:53 AM.
 
Old 11-02-2006, 10:20 AM   #2
Lotharster
Member
 
Registered: Nov 2005
Posts: 144

Rep: Reputation: 15
I think your setup is quite safe, but there are some ways a clever thief could get at some private information:

- EDIT: This was incorrect
- Since your /var/log directory is not encrypted, a thief can access all logging files, which might contain names of files, maybe even file contents of "secret" files stored in your /home folder.
- Do you use a good pgp password to encrypt your keyfiles in case they get into the wrong hands?
- Using /dev/urandom is a potential security hole, since it works as a (maybe insecure) pseudo-random number generator when there is not enough entropy in the pool. Use /dev/random instead.
- The keyfile generation looks odd. Normally you should use the procedure outlined in the loop-aes readme, generating 65 keys.


Regards,
Lotharster

Last edited by Lotharster; 11-03-2006 at 04:03 AM.
 
Old 11-02-2006, 10:52 AM   #3
make
Member
 
Registered: Apr 2004
Distribution: Mandriva, Ubuntu, openSuSE, FreeBSD, OpenSolaris, PC-BSD
Posts: 185

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by Lotharster
- Your /tmp partition is just reformatted, but not securely wiped at shutdown/reboot, so files could be recovered. A solution would be to encrypt it also using a random key. This is possible with loop-aes.
- Since your /var/log directory is not encrypted, a thief can access all logging files, which might contain names of files, maybe even file contents of "secret" files stored in your /home folder.
- Do you use a good pgp password to encrypt your keyfiles in case they get into the wrong hands?
- Using /dev/urandom is a potential security hole, since it works as a (maybe insecure) pseudo-random number generator when there is not enough entropy in the pool. Use /dev/random instead.
- The keyfile generation looks odd. Normally you should use the procedure outlined in the loop-aes readme, generating 65 keys.
- I was under the belief tmpfs creates a ramdisk and that the files are located in the computer's RAM instead of the disk? Thus making it impossible to recover the files after a boot, since they were never on the disk in the first place. Have I been completely wrong?
- Agreed about the /var-partition. I am considering encrypting it as well.
- My passwords contain 10 - 20 big & small letters and numbers.
- Typo in the first post, I did use /dev/random to generate the key. Fixed.
- Will look into the Loop-AES readme. I think I copied that command from some article on the web.

Thank you for your observations.
 
Old 11-03-2006, 04:01 AM   #4
Lotharster
Member
 
Registered: Nov 2005
Posts: 144

Rep: Reputation: 15
Quote:
Originally Posted by make
- I was under the belief tmpfs creates a ramdisk and that the files are located in the computer's RAM instead of the disk? Thus making it impossible to recover the files after a boot, since they were never on the disk in the first place. Have I been completely wrong?
You are right - I confused this with a normal /tmp partition. A tmpfs resides in RAM and swap, and since the former vanishes on power down and the latter is encrypted anyway, this should be safe.
 
Old 11-04-2006, 05:02 AM   #5
make
Member
 
Registered: Apr 2004
Distribution: Mandriva, Ubuntu, openSuSE, FreeBSD, OpenSolaris, PC-BSD
Posts: 185

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by Lotharster
A tmpfs resides in RAM and swap
Alright, then I have accomplished what I wanted to.

I have recently been wondering whether Enc-FS or DM-Crypt might be preferable to Loop-AES. I know that Loop-AES is the fastest of these three (saw benchmarks), but could the other two perhaps provide more security?

What would be the best way for me to try to "spy" my own files from an encrypted, unmounted partition and this way verify that they are indeed secured?
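
One way to run the check asked about in the last post, as an added example that is not part of the original thread: read the raw, unmounted partition block by block, flag blocks whose byte entropy is too low to be ciphertext, and search for plaintext markers. The script name scan.py and the canary string are assumptions; the canary is a made-up value you would first save into a file under /home while it is mounted.

```python
import math
import sys
from collections import Counter

BLOCK = 4096
# Byte strings that must not be readable on the raw device. "ReIsEr2Fs" is the
# ReiserFS 3.6 superblock magic; the canary is a constructed string (assumption)
# written into a file under /home before unmounting.
MARKERS = [b"ReIsEr2Fs", b"LQ-CANARY-7f3a"]


def entropy(block):
    """Shannon entropy in bits per byte; about 7.95 for 4 KiB of random data."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values())


def scan(stream, markers=MARKERS, threshold=7.5):
    """Return (blocks read, offsets of low-entropy blocks, sorted marker hits)."""
    keep = max(len(m) for m in markers) - 1  # overlap so split markers are found
    total, offset, tail, low, hits = 0, 0, b"", [], set()
    while True:
        block = stream.read(BLOCK)
        if not block:
            break
        if len(block) == BLOCK and entropy(block) < threshold:
            low.append(offset)
        window = tail + block
        base = offset - len(tail)
        for m in markers:
            pos = window.find(m)
            while pos != -1:
                hits.add((base + pos, m))
                pos = window.find(m, pos + 1)
        tail = window[-keep:] if keep else b""
        offset += len(block)
        total += 1
    return total, low, sorted(hits)


if __name__ == "__main__":
    # Usage (as root, partition unmounted): python3 scan.py /dev/hda5
    with open(sys.argv[1], "rb") as dev:
        total, low, hits = scan(dev)
    print(f"{total} blocks, {len(low)} below entropy threshold, {len(hits)} marker hits")
    for off, m in hits:
        print(f"  plaintext marker {m!r} at byte offset {off}")
    sys.exit(1 if low or hits else 0)
```

Low-entropy blocks with no marker hits usually point at areas the encrypted filesystem has never written, which still show whatever was on the disk before encryption was set up.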
 
  

