LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-18-2005, 06:05 AM   #1
hyllplan
Member
 
Registered: Nov 2004
Location: Stockholm, Sweden
Distribution: Debian (Sarge), Red Hat, Ubuntu, Knoppix
Posts: 99

Rep: Reputation: 15
Question Encrypt /home and USB-memory


Hi,

1) I would like to encrypt /home, what would be a simple approach to do this?, the algorithm does'nt really matter, but I want it more secure than e.g. DES.

2) Also I would like to encrypt my USB-memory, I am using FAT32 on that memory because I want to be able to read it from Windows as well. Is it possible to encrypt it so I will be able to unencrypt it in Linux and as well in Windows?

Thanks,
- Johan
 
Old 07-18-2005, 08:08 AM   #2
mattLSO
Member
 
Registered: Jun 2005
Posts: 43

Rep: Reputation: 15
With reference to the first question, you could use cryptoloop or CFS an NFS wrapper, there
is a good howto here http://www.tldp.org/HOWTO/Cryptoloop-HOWTO/.

Regards
 
Old 07-18-2005, 08:57 AM   #3
hyllplan
Member
 
Registered: Nov 2004
Location: Stockholm, Sweden
Distribution: Debian (Sarge), Red Hat, Ubuntu, Knoppix
Posts: 99

Original Poster
Rep: Reputation: 15
Thanks, I will try it out
- Johan
 
Old 07-20-2005, 05:27 AM   #4
hyllplan
Member
 
Registered: Nov 2004
Location: Stockholm, Sweden
Distribution: Debian (Sarge), Red Hat, Ubuntu, Knoppix
Posts: 99

Original Poster
Rep: Reputation: 15
Thanks mattLSO for the tip, it turned out that cryptoloop is depreciated in krn 2.6.11 and you should now go for dm-crypt instead. I have tried it on my memorystick and it worked fine with ext3 and everything.
As dm-crypt is a device-mapper thing I have to load the following before I can mount the encrypted filesystem:

'cryptsetup create sda1 /dev/sda1' (I have to give my password at this stage)
and then 'mount /dev/mapper/sda1 /mnt/usbkey'

and the following to umount:

'umount /mnt/usbkey'
'cryptsetup remove sda1'

Now I want to try this out for my /home, but I have to run the cryptsetup thing before mount and after umount. I can put "/dev/mapper/sda1 /mnt/usbkey" in /etc/fstab, but what about the cryptsetup thing (that prompts me for my password). Where could I put the line to make it happen at the right time (before mount of /home and after umount of /home)

Thanks!,
- Johan
 
Old 07-23-2005, 10:55 AM   #5
mattLSO
Member
 
Registered: Jun 2005
Posts: 43

Rep: Reputation: 15
Hey in fstab on the line of the /home add this
Quote:
noauto
Example:

Quote:
/dev/hda3 /home ext3 errors=remount-ro,noauto 0 1
This will prevent it from being mounted on boot then in (On Debian, redhat is /etc/rc.d/init.d) /etc/init.d/ create a script called docrypto to run the commands, chmod 755 it then

Quote:
cd /etc/rc3.d
ln -s ../init.d/docrypto S10crypto
This will load your crypto commands on boot, as for unmounting when init changes runlevel on shutdown or reboot it calls the script with stop, just make sure it has the following format.

Quote:
#! /bin/sh
case "$1" in
start)
echo -n "Starting cryptographic system"
#put your start commands here
echo "."
;;
stop)
#shutdown commands
;;
restart)
stop()
start()
;;
*)
echo "Usage: docrypto (start/stop/restart)"
exit 1
esac
exit 0
Hopefully this will put you on the right path

Regards
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
encrypt and decrypt using encrypt(char block[64], int edflag) rockwell_001 Linux - Security 3 08-30-2009 09:16 AM
Missing memory in USB stick, flash memory, removable hd etc bamboo_spider Linux - Newbie 3 06-14-2006 05:39 PM
how to lock and encrypt a folder in my home? greythorne SUSE / openSUSE 4 06-26-2005 02:18 PM
USB Memory robertoneto123 Linux - Hardware 2 02-03-2005 06:11 AM
core.2200 888.0 memory dump - file just appeared in my home directory Lakota Linux - Newbie 2 10-06-2003 09:25 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration