LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Ubuntu
User Name
Password
Ubuntu This forum is for the discussion of Ubuntu Linux.

Notices

Reply
 
Search this Thread
Old 06-17-2012, 04:48 PM   #1
AjsmenBG
LQ Newbie
 
Registered: Feb 2011
Posts: 8

Rep: Reputation: 0
Ubuntu bootable USB stick with private partition


Hello there,

In my company we have one development team under Linux, they need a bootable usb stick with 2 partition, one public partition and a private partiton (not visible before call a c program)..when the system boot, syslinux or grup call initrd, then init call a binary file that request a password to user, after this, if the password is correct, mount the private partition, and load the os (i think to use squashfs)...One of our developers made binary files.but can someone explain to me how to all of that??

Tnx in advance

Last edited by AjsmenBG; 06-17-2012 at 04:49 PM.
 
Old 06-17-2012, 04:50 PM   #2
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Gentoo
Posts: 15,346
Blog Entries: 2

Rep: Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978
Would be easier to just boot the OS from the public partition and then mount an encrypted private partition. This can easily be done with a shell script, using LUKS together with cryptsetup. The cryptsetup program will ask for the password automatically.
 
Old 06-17-2012, 05:00 PM   #3
AjsmenBG
LQ Newbie
 
Registered: Feb 2011
Posts: 8

Original Poster
Rep: Reputation: 0
Can you explain me more about that..or post the shell script please..we are not very good in Linux partitoning system.
 
Old 06-17-2012, 05:17 PM   #4
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Gentoo
Posts: 15,346
Blog Entries: 2

Rep: Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978
You just make two partitions on the USB device and install Ubuntu into the first one, a normal regular install. The second partition will be encrypted, it is fairly easy to do that. If that partition will be mounted every time the system boots you don't even need a script, just follow these instructions: http://blog.creonfx.com/linux/how-to...r-ubuntu-11-10
 
Old 06-17-2012, 05:19 PM   #5
AjsmenBG
LQ Newbie
 
Registered: Feb 2011
Posts: 8

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by TobiSGD View Post
You just make two partitions on the USB device and install Ubuntu into the first one, a normal regular install. The second partition will be encrypted, it is fairly easy to do that. If that partition will be mounted every time the system boots you don't even need a script, just follow these instructions: http://blog.creonfx.com/linux/how-to...r-ubuntu-11-10
Ok thanks for your fast replay m8
 
Old 06-18-2012, 05:09 AM   #6
AjsmenBG
LQ Newbie
 
Registered: Feb 2011
Posts: 8

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by TobiSGD View Post
You just make two partitions on the USB device and install Ubuntu into the first one, a normal regular install. The second partition will be encrypted, it is fairly easy to do that. If that partition will be mounted every time the system boots you don't even need a script, just follow these instructions: http://blog.creonfx.com/linux/how-to...r-ubuntu-11-10
Sorry ,but what about if i want to encrypt OS partition?I didnt explain to u our problem on right way..Problem is because we want to use hardware based encryption ,we have USB with hw encrypted key..how to solve this?

Last edited by AjsmenBG; 06-18-2012 at 07:14 AM.
 
Old 06-18-2012, 10:54 AM   #7
honeybadger
Member
 
Registered: Aug 2007
Location: India
Distribution: Slackware (mainly) and then a lot of others...
Posts: 847

Rep: Reputation: Disabled
Google 'encrypting the root linux' there is a link specially for Ubuntu.
Hope this helps.
 
Old 07-27-2012, 04:30 PM   #8
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Gentoo
Posts: 15,346
Blog Entries: 2

Rep: Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978
The OP just sent me an email with further detail. They want to use the hardware encrypted SafeToGo devices from Giesecke & Devrient.
The problem with this devices is that they need a working system with GUI to load a client program that sends the password to the inbuilt crypt-processor.
So loading the OS from this devices is not an option.
You have to use two devices, one USB device for the OS (which can be software encrypted with the usual setups) and the hardware encrypted device with the actual data.
 
Old 07-27-2012, 11:54 PM   #9
AjsmenBG
LQ Newbie
 
Registered: Feb 2011
Posts: 8

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by TobiSGD View Post
The OP just sent me an email with further detail. They want to use the hardware encrypted SafeToGo devices from Giesecke & Devrient.
The problem with this devices is that they need a working system with GUI to load a client program that sends the password to the inbuilt crypt-processor.
So loading the OS from this devices is not an option.
You have to use two devices, one USB device for the OS (which can be software encrypted with the usual setups) and the hardware encrypted device with the actual data.
So u think that is not possible to setup it with our SDK? There is full SDK for Linux,Windows and Mac OS X ..That is true that there is GUI for unlocking partition on Windows...for Linux software is not avaible yet but command line tools.Its possible to unlock read only CD-ROM partition and modify data inside with SDK .I am a little bit confused and tired a lot with this project..What is ur suggestion dude?
 
Old 07-29-2012, 04:53 AM   #10
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Gentoo
Posts: 15,346
Blog Entries: 2

Rep: Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978Reputation: 3978
My suggestion is to go for software encryption instead of hardware encryption, it is cheaper, much easier to set up and as safe as hardware encryption.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Making one partition of a USB stick bootable Ubuntu install aurora72 Ubuntu 1 05-16-2012 05:54 AM
GRUB: Booting from USB; Creating the Ultimate Bootable USB Stick Jinouchi Linux - Software 2 04-07-2010 04:17 PM
Making a USB stick bootable from a bootable cdrom cwwilson721 Slackware 2 10-23-2009 09:18 PM
may install from cdrom to USB FLASH DRIVE(to get it a USB stick bootable) the ubuntu lse123 Linux - Newbie 5 01-02-2009 04:56 PM
bootable USB-Stick overlord73 Linux - Hardware 1 01-14-2005 02:17 AM


All times are GMT -5. The time now is 11:22 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration