Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi guys, hope you could help me with my situation.
I possess RasberryPI with a 8GB card, and as a OS, I use Pidora, a modified Fedora on it.
I'm having big difficulties for cryping my folder on it.
Basicly I want my /opt folder crypted and at startup to be mounted (decrypted).
The startup proces can be done over a script.
Hope you can help me with this.
TenTenths, basicly I want my /opt folder encrypted, and on boot using a bash script decrypted, I've tried cryptsetup but have probles since /opt is not a parittion.
TenTenths, ok will go with a /opt as a parition.
But I have one more question for you.
Let me try to discribe you my problem, lets say you have 100 PI's and they are going to your clients. You want them protected from stealing information from you, how whould you do that?
My toughts are :
#1 SSH manually mounting partitions.
#2 Auto mounting partitions.
It would depend on what you're encrypting, without knowing more about your requirement it's difficult to say.
Encrypting a partition is only useful if the password has to be entered manually each time or possibly if there is great physical security around the device to prevent people from booting in to single user mode and then mounting your partition with the information sitting there on the device. With a RasPi it's even easier as it's just a matter of pulling the SD card out of it as the vast majority of cases make it rather easy.
Just off the top of my head, have you thought about something like having the RasPi "phone home" over https to download the decryption password at boot time before it mounts the /opt partition?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.