LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-16-2006, 09:16 AM   #1
lefty.crupps
Member
 
Registered: Apr 2005
Location: Minneap USA
Distribution: Debian, Mepis, Sidux
Posts: 470

Rep: Reputation: 32
Encryption, spanning time and distros


I just got a large new hard drive and I think that I'd like to protect my data a bit better. Encryption seems to be the way to go, but I am concerned about changing away from my current Kubuntu to another distribution in the future, and suddenly being locked out of my files.

If I mount an encrypted file system, will any POSIX OS (with the correct packaages like dm-crypt or cryptoloop) be able to prompt for a password, properly unlock the drive, and mount the volume without problems?

Or will I be somewhat forced to deal with minor variations in the precompiled 'cryption software which will lead to compiling headaches down the road?

Are there any concerns that I should consider before doing this?
 
Old 08-16-2006, 10:00 AM   #2
marozsas
Senior Member
 
Registered: Dec 2005
Location: Campinas/SP - Brazil
Distribution: SuSE, RHEL, Fedora, Ubuntu
Posts: 1,508
Blog Entries: 2

Rep: Reputation: 68
I liked "encfs" a lot. It is part of fuse-encfs package (http://arg0.net/wiki/encfs).

It is handy because I can choose to make just a few directories with sensitive information encrypted, not the whole filesystem, and I can decrypt my folder just when I need it, not at the boot time.

I even create an action on Nautilus (the gnome's filemanager) to encrypt and decrypt a folder using the right's button menu. Very easy to use. Just drop the plain files there and they become encrypted. I can use the files from that location, directly, not need to decrypt it before. And the passphrase is given only once, at the mount time.

This solution is good for a multiuser environment. No need the superuser permissions, it is just a user's space solution.
 
Old 08-16-2006, 10:37 AM   #3
lefty.crupps
Member
 
Registered: Apr 2005
Location: Minneap USA
Distribution: Debian, Mepis, Sidux
Posts: 470

Original Poster
Rep: Reputation: 32
I like the sounds of that... Any idea how well that works in an KDE or XFCE or Enlightenment environment?
 
Old 08-16-2006, 10:52 AM   #4
marozsas
Senior Member
 
Registered: Dec 2005
Location: Campinas/SP - Brazil
Distribution: SuSE, RHEL, Fedora, Ubuntu
Posts: 1,508
Blog Entries: 2

Rep: Reputation: 68
It is a command line tool, just like every thing else.

Use ...
Code:
$ encfs ~/.your-hidden-encripted-folder ~/here-is-the-decrypted-folder
... to mount the previous created .your-hidden-encripted-folder at here-is-the-decrypted-folder. It will ask your passphrase at that time or you can pass a program to read the password from. I make my nautilus action using zenity to entry the passphrase, but you can use the kdialog.

To unmount, just issue
Code:
$ fusermount -u ~/here-is-the-decrypted-folder
You can create a script that test if the mount point is already mounted and if so, then unmount it, else, mount it asking the passphrase with kdialog.

Use this script as a konqueror's script (i don't remember exactly how KDE named this). If you want I can post my script tomorrow (it is in my home, not at work) so you don't need to start from scratch. let me know.

cheers,
 
Old 09-01-2006, 09:09 AM   #5
lefty.crupps
Member
 
Registered: Apr 2005
Location: Minneap USA
Distribution: Debian, Mepis, Sidux
Posts: 470

Original Poster
Rep: Reputation: 32
marozsas, thank you for the info! yeah, the script might help me out, if you'd post it. i've been lazy on this point lately and its still a good idea for me to start working with an encrypted fs.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
File encryption and theoretical cracking time Hal Linux - Security 9 11-14-2005 01:15 PM
grrr...have been wasting my time on other distros denning Mandriva 2 02-10-2005 06:57 PM
Hardware real time encryption/decryption in Linux... Akonbobot Linux - Security 2 11-24-2004 02:33 AM
working with two distros in same time Nadim Slackware 5 04-03-2004 01:31 PM
Mandrake 9.0 Wireless Works without encryption.. does not with encryption topcat Linux - Wireless Networking 3 05-04-2003 09:47 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:30 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration