LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 08-07-2006, 01:36 PM   #1
Zmyrgel
Senior Member
 
Registered: Dec 2005
Location: Finland
Distribution: Slackware, CentOS, RHEL, OpenBSD
Posts: 1,006

Rep: Reputation: 36
System encryption with dm-crypt and luks?


Hi,

Again I'm switching distros. I had windows on my laptop first time in two months and now it's broken again... Blue Screen of Death and all...

My question is this, can I encrypt my whole system as in the gentoo documentation.

I was planning to make it with gentoo but not too happy to compile again whole system from scracth.

I am planning to make that with LVM2... I found tutorial for that in somewhere on these forums and it was quite difficult compared to gentoos version so I'm asking here can I follow the gentoo guide with slackware or how should I proceed?

Any way, is it possible to install using lvm2, dm-drypt and luks, a fully encrypted system using slackware.

A side note, does that encryption reduce performance, for instance in desktop use?

Last edited by Zmyrgel; 08-08-2006 at 04:08 AM.
 
Old 08-08-2006, 01:02 PM   #2
Daga
Member
 
Registered: Apr 2006
Location: A comfy chair...
Distribution: Slackware
Posts: 110

Rep: Reputation: 15
Yes, it is possible to encrypt the harddrive in Slackware -- it's a kernel function. I haven't tried doing this yet (want to ), but it seems that you will have to extract the crypto modules from the slackware/a/kernel-modules-2.4.31-i486-1.tgz package on the CD and insert them into the kernel on the install CD. I don't know about the utilities to create a crypto filesystem, though. There isn't a cryptsetup utility for Slackware, and it's been a while since I have created an encrypted loopback device.

This will slow down the system a little depending on which encryption method you choose. I don't know how much for each file system. Also you will have to either recompile the kernel with the crypto modules in the kernel, or create an initramfs/initrd image with those modules. The Gentoo page goes into a little more detail about it.

HTH
 
Old 08-08-2006, 01:23 PM   #3
Zmyrgel
Senior Member
 
Registered: Dec 2005
Location: Finland
Distribution: Slackware, CentOS, RHEL, OpenBSD
Posts: 1,006

Original Poster
Rep: Reputation: 36
Yeah, I'd figure out that something complicated was behind this.

I have no idea on how to begin, except I need to use the 2.6 series kernel to have support for my sata-drives as I have new laptop...

So what should the process be like?

-I'd boot with slack cd and choose test26.s
-make the /ram directory mounted in memory and copy /sbin and /bin into it to save space
-extract crypto thingys from kernel-2.6-modules
-get some crypto program similar to cryptsetup?
-mount partitions and encrypt them...


Any idea on how to do this more specificly?
 
Old 08-08-2006, 02:23 PM   #4
titopoquito
Senior Member
 
Registered: Jul 2004
Location: Ruhr Area, Germany
Distribution: Slackware64 14.0
Posts: 1,517

Rep: Reputation: 90
http://axljab.homelinux.org/Encryption_-_dm-crypt has a good howto for cryptsetup-luks. You will see it is written for Gentoo but worked good for my Slackware install. I don't have it actually installed and cannot help much with this, but managed to create an encrypted loop device with this.

You will have to install cryptsetup with luks (http://luks.endorphin.org/dm-crypt), hashalot (you can find it with google, but at the moment there seems to be a server problem) and the device-mapper (I used alienbob's slackbuild or precompiled package, see http://www.slackware.com/~alien/slackbuilds/ ). Cryptsetup-luks was very easy to build: ./configure --prefix=/usr && make && make install ---- maybe with DESTDIR to package it. hashalot was the same I think.
 
Old 08-09-2006, 02:04 AM   #5
Zmyrgel
Senior Member
 
Registered: Dec 2005
Location: Finland
Distribution: Slackware, CentOS, RHEL, OpenBSD
Posts: 1,006

Original Poster
Rep: Reputation: 36
But how can I do this as I intend to encrypt my whole disk so I need to have the support in the CD. Does basic slackware 10.2 CD offer the support needed for such an operation?
 
Old 08-20-2006, 02:04 AM   #6
bl0tt0
Member
 
Registered: Aug 2005
Location: The Glorious People's Republic of Austin
Posts: 145

Rep: Reputation: 21
Just thought I'd throw in a little bit of interesting info on this thread. I looked in the Distro Support Status section of the LUKS website, and at the very end they mention Nemonico, which is apparently nearly completely stock Slackware except for the installer which allows you to create encrypted partitions with LUKS. Interesting stuff.
 
Old 08-20-2006, 11:25 AM   #7
Daga
Member
 
Registered: Apr 2006
Location: A comfy chair...
Distribution: Slackware
Posts: 110

Rep: Reputation: 15
Here's the address, since it isn't on the first page or two of Google: http://sourceforge.net/projects/nemonico
 
Old 08-21-2006, 01:24 AM   #8
Zmyrgel
Senior Member
 
Registered: Dec 2005
Location: Finland
Distribution: Slackware, CentOS, RHEL, OpenBSD
Posts: 1,006

Original Poster
Rep: Reputation: 36
Hey, that seems quite interresting. I might just give this a shot when the 11.0 is released.
If this time I get this to work

Thanks bl0tt0 for pointing this out.
 
Old 08-21-2006, 04:44 AM   #9
Zmyrgel
Senior Member
 
Registered: Dec 2005
Location: Finland
Distribution: Slackware, CentOS, RHEL, OpenBSD
Posts: 1,006

Original Poster
Rep: Reputation: 36
About Nemonico, does it support LVM-partitions? I didn't find any info from the page. I'll download the nemonico either case but it would be nice to know.
 
Old 09-02-2006, 10:40 AM   #10
bl0tt0
Member
 
Registered: Aug 2005
Location: The Glorious People's Republic of Austin
Posts: 145

Rep: Reputation: 21
Also, I just did a little bit of googling on LUKS and Slackware and found this thread in the linuxpackages forum: http://www.linuxpackages.net/forum/v...b97bf6aeb688e0. It might not be exactly what you are looking for, but they do talk about properly building the initramfs for an encrypted Slackware installation.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
file system encryption on servers Synesthesia Linux - Security 2 06-05-2006 04:03 PM
dmcrypt+luks - Benchmarks ddaas Linux - Security 0 05-24-2006 08:07 AM
File System Encryption raja1979 Linux - Security 2 12-23-2005 05:08 PM
slackware encryption dm-crypt rino.caldelli Slackware 25 08-02-2005 05:25 AM
Mandrake 9.0 Wireless Works without encryption.. does not with encryption topcat Linux - Wireless Networking 3 05-04-2003 08:47 PM


All times are GMT -5. The time now is 05:20 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration