I've been using for almost a year my current setup on several computers. Now I've begun to wonder, how safe would it be against theft, in fact.
Scenario: Someone steals my Linux-laptop (power off) which has its hard drive protected with the following encryption setup. This person is not interested enough to spend months on trying to break the encryption, but is still interested in a quick spy of what the disk contains. Can I assume that my files should be relatively safe from such casual and trivial spying attempts?
Setup concerning the encryption:
Code:
Keyfile was created with:
$ dd if=/dev/random bs=1c count=32 | gpg -c -a >keyfile
The GPG keyfile is located on a memory card, which is separated from the laptop, never in the laptop case. Desktop PCs, on the other hand, are getting the keyfile from an encrypted NAS-device in the network. The keyfile is never stored on the computers' hard drives. pam_mount mounts the encrypted /home-partition at login. /tmp is located on a tmpfs, thus wiped at every boot. I use a different keyfile for every partition, even when located on the same computer.
Now, obviously this setup cannot offer as wide protection as encrypting the whole hard drive could. But it also doesn't take as much time to implement. System logging is disabled, so /var should not reveal anything special.
What do you think about my setup? What should I improve or change? Should I change from Loop-AES to DM-Crypt, Enc-FS or something else? I don't need military grade protection, just don't want my work documents to leak outside the company.
Extra question: What about the safety of the Mac OS X Tiger FileVault on my MacBook? I find it hard to locate reliable comparisons between different encryption methods, although I've been googling and reading lots and lots of articles.
I think your setup is quite safe, but there are some ways a clever thief could get at some private information:
- EDIT: This was incorrect
- Since your /var/log directory is not encrypted, a thief can access all logging files, which might contain names of files, maybe even file contents of "secret" files stored in your /home folder.
- Do you use a good pgp password to encrypt your keyfiles in case they get into the wrong hands?
- Using /dev/urandom is a potential security hole, since it works as a (maybe insecure) pseudo-random number generator when there is not enough entropy in the pool. Use /dev/random instead.
- The keyfile generation looks odd. Normally you should use the procedure outlined in the loop-aes readme, generating 65 keys.
Regards,
Lotharster
Last edited by Lotharster; 11-03-2006 at 04:03 AM.
- Your /tmp partition is just reformatted, but not securely wiped at shutdown/reboot, so files could be recovered. A solution would be to encrypt it also using a random key. This is possible with loop-aes.
- Since your /var/log directory is not encrypted, a thief can access all logging files, which might contain names of files, maybe even file contents of "secret" files stored in your /home folder.
- Do you use a good pgp password to encrypt your keyfiles in case they get into the wrong hands?
- Using /dev/urandom is a potential security hole, since it works as a (maybe insecure) pseudo-random number generator when there is not enough entropy in the pool. Use /dev/random instead.
- The keyfile generation looks odd. Normally you should use the procedure outlined in the loop-aes readme, generating 65 keys.
- I was under the belief tmpfs creates a ramdisk and that the files are located in the computer's RAM instead of the disk? Thus making it impossible to recover the files after a boot, since they were never on the disk in the first place. Have I been completely wrong?
- Agreed about the /var-partition. I am considering encrypting it as well.
- My passwords contain 10 - 20 big & small letters and numbers.
- Typo in the first post, I did use /dev/random to generate the key. Fixed.
- Will look into the Loop-AES readme. I think I copied that command from some article on the web.
- I was under the belief tmpfs creates a ramdisk and that the files are located in the computer's RAM instead of the disk? Thus making it impossible to recover the files after a boot, since they were never on the disk in the first place. Have I been completely wrong?
You are right - I confused this with a normal /tmp partition. A tmpfs resides in RAM and swap, and since the former vanishes on power down and the latter is encrypted anyway, this should be safe.
Alright, then I have accomplished what I wanted to.
I have just been recently wondering, whether Enc-FS or DM-Crypt might be more preferable to Loop-AES. I know that Loop-AES is the fastest out of these three (saw benchmarks), but could the other 2 provide perhaps more security?
What would be the best way for me to try to "spy" my own files from an encrypted, unmounted partition and this way verify that they are indeed secured?
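
One way to run the self-check asked about in the last post, as an added example that is not part of the original thread: read the unmounted partition raw, measure the entropy of each block, and search for a marker string previously saved in a file under /home. The marker value, the 7.0 bits/byte threshold and the `sample_image` helper (which builds constructed test images) are assumptions made for the illustration.

```python
import hashlib, math, os, tempfile
from collections import Counter

BLOCK = 4096  # bytes read per sample

def entropy(block: bytes) -> float:
    """Shannon entropy in bits per byte; good ciphertext is close to 8.0."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values()) if n else 0.0

def audit(path: str, canary: bytes, threshold: float = 7.0) -> dict:
    """Read a raw device or image read-only; list low-entropy blocks and canary hits."""
    low, hits, blocks, offset, tail = [], [], 0, 0, b""
    with open(path, "rb") as dev:
        while block := dev.read(BLOCK):
            blocks += 1
            if entropy(block) < threshold:      # text, zeros, filesystem metadata
                low.append(offset)
            window = tail + block               # also catches a canary split across blocks
            pos = window.find(canary)           # first hit per block is enough for a yes/no
            if pos != -1:
                hits.append(offset - len(tail) + pos)
            tail = block[-(len(canary) - 1):] if len(canary) > 1 else b""
            offset += len(block)
    return {"blocks": blocks, "low_entropy_offsets": low, "canary_offsets": hits}

def sample_image(encrypted: bool, canary: bytes) -> str:
    """Write a constructed 64 KiB image (not real disk data) and return its path."""
    plain = (b"work document, confidential\n" * 3000)[:16 * BLOCK - len(canary)] + canary
    if encrypted:  # a SHA-256 counter stream stands in for ciphertext here
        data = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                        for i in range(len(plain) // 32))
    else:
        data = plain
    fd, path = tempfile.mkstemp(suffix=".img")
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path

if __name__ == "__main__":
    marker = b"LQ-CANARY-7f3a"   # constructed marker; save it in a file under /home first
    for label, enc in (("plaintext image", False), ("encrypted image", True)):
        r = audit(sample_image(enc, marker), marker)
        print(label, "low-entropy blocks:", len(r["low_entropy_offsets"]),
              "of", r["blocks"], "canary at:", r["canary_offsets"])
```

For a real check, pass the device node of the unmounted /home partition to `audit` as root. High entropy alone does not prove encryption, since compressed data scores high too, so a marker that cannot be found is the stronger result; low-entropy offsets on an encrypted partition usually mean areas that were never overwritten with random data before use.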