LinuxQuestions.org forum: Linux - Security (all security related questions: questions, tips, system compromises, firewalls, etc.)
11-02-2006, 08:54 AM, #1, make (Member; Registered: Apr 2004; Distribution: Mandriva, Ubuntu, openSuSE, FreeBSD, OpenSolaris, PC-BSD; Posts: 195)
How safely encrypted are my files?
I've been using my current setup on several computers for almost a year. Now I've begun to wonder how safe it would actually be against theft.
Scenario: Someone steals my Linux-laptop (power off) which has its hard drive protected with the following encryption setup. This person is not interested enough to spend months on trying to break the encryption, but is still interested in a quick spy of what the disk contains. Can I assume that my files should be relatively safe from such casual and trivial spying attempts?
Setup concerning the encryption:
Code:
Keyfile was created with:
$ dd if=/dev/random bs=1c count=32 | gpg -c -a >keyfile
Code:
$ cat /etc/fstab
/dev/hda5 /home reiserfs noexec,encryption=AES256,gpgkey=/mnt/removable/keyfile,noatime,notail,nosuid
none /tmp tmpfs size=256m,noexec,nosuid,noatime 0 0
/dev/hda1 swap swap defaults,noatime,encrypted 0 0
The GPG keyfile is located on a memory card, which is kept separate from the laptop, never in the laptop case. Desktop PCs, on the other hand, get the keyfile from an encrypted NAS device on the network. The keyfile is never stored on the computers' hard drives. pam_mount mounts the encrypted /home partition at login. /tmp is located on a tmpfs, thus wiped at every boot. I use a different keyfile for every partition, even when located on the same computer.
Now, obviously this setup cannot offer as broad protection as encrypting the whole hard drive could. But it also doesn't take as much time to implement. System logging is disabled, so /var should not reveal anything special.
What do you think about my setup? What should I improve or change? Should I change from Loop-AES to DM-Crypt, Enc-FS or something else? I don't need military grade protection, just don't want my work documents to leak outside the company.
Extra question: What about the safety of the Mac OS X Tiger FileVault on my MacBook? I find it hard to locate reliable comparisons between different encryption methods, although I've been googling and reading lots and lots of articles.
Last edited by make; 11-02-2006 at 11:53 AM.

11-02-2006, 11:20 AM, #2, Lotharster (Member; Registered: Nov 2005; Posts: 144)
I think your setup is quite safe, but there are some ways a clever thief could get at some private information:
- EDIT: This was incorrect
- Since your /var/log directory is not encrypted, a thief can access all logging files, which might contain names of files, maybe even file contents of "secret" files stored in your /home folder.
- Do you use a good pgp password to encrypt your keyfiles in case they get into the wrong hands?
- Using /dev/urandom is a potential security hole, since it works as a (maybe insecure) pseudo-random number generator when there is not enough entropy in the pool. Use /dev/random instead.
- The keyfile generation looks odd. Normally you should use the procedure outlined in the loop-aes readme, generating 65 keys.
Regards,
Lotharster
Last edited by Lotharster; 11-03-2006 at 05:03 AM.
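The "procedure outlined in the loop-aes readme, generating 65 keys" that Lotharster refers to is the loop-AES multi-key (v3) keyfile: 65 lines of random key material, symmetrically encrypted with gpg. The script below is an added example written for this page; it is not from the thread or from the loop-AES project. It assumes GNU coreutils (base64 -w 60 stands in for the README's uuencode -m, since both turn 45-byte groups into 60-character lines and 2925 bytes give exactly 65 lines) and an installed gpg. The README reads /dev/random, which on a 2006-era idle laptop can block for a long time waiting for entropy, so the random device is a parameter here; on kernels from 5.6 onward /dev/random no longer blocks once the pool is seeded.

```shell
#!/bin/sh
# Added example (not from the thread or the loop-AES project): build a
# loop-AES v3 multi-key keyfile along the lines of the loop-AES README,
# i.e. 65 random key lines encrypted with gpg, instead of a single
# 32-byte key. Assumptions: base64 -w 60 replaces uuencode -m (same
# 60-char lines from 45-byte groups); GNU coreutils and gpg installed.
set -eu

# 65 lines x 45 bytes = 2925 bytes of raw key material. /dev/random is
# the README's choice (and may block on a quiet box); pass /dev/urandom
# or a hardware RNG device explicitly if you accept that trade-off.
gen_keylines() {                   # gen_keylines [RANDOM_DEVICE]
    head -c 2925 "${1:-/dev/random}" | base64 -w 60
}

# Symmetric, ASCII-armoured encryption of the lines, AES-256 as in the
# OP's setup. Without the passphrase the memory card holding the
# keyfile is worthless to a thief.
make_keyfile() {                   # make_keyfile OUTFILE [RANDOM_DEVICE]
    umask 077                      # keyfile readable by its owner only
    gen_keylines "${2:-/dev/random}" \
        | gpg --symmetric --armor --cipher-algo AES256 --output "$1"
}

# Decrypt and count lines before trusting a keyfile: loop-AES switches
# to multi-key-v3 mode only when it finds exactly 65 of them.
count_keylines() {                 # count_keylines KEYFILE -> line count
    gpg --quiet --decrypt "$1" | wc -l
}

[ $# -eq 0 ] || make_keyfile "$@"  # e.g. ./mkkey.sh /mnt/removable/keyfile.gpg
```

Run it as `./mkkey.sh /mnt/removable/keyfile.gpg` with the memory card mounted, then `count_keylines` on the result should print 65 after the passphrase prompt. Whether loop-AES accepts lines without the uuencode header is an assumption of this example; the README's own pipeline strips that header with head/tail, so only the 65 key lines reach losetup either way.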

11-02-2006, 11:52 AM, #3, make (Original Poster; Member; Registered: Apr 2004; Distribution: Mandriva, Ubuntu, openSuSE, FreeBSD, OpenSolaris, PC-BSD; Posts: 195)
Quote:
Originally Posted by Lotharster
- Your /tmp partition is just reformatted, but not securely wiped at shutdown/reboot, so files could be recovered. A solution would be to encrypt it also using a random key. This is possible with loop-aes.
- Since your /var/log directory is not encrypted, a thief can access all logging files, which might contain names of files, maybe even file contents of "secret" files stored in your /home folder.
- Do you use a good pgp password to encrypt your keyfiles in case they get into the wrong hands?
- Using /dev/urandom is a potential security hole, since it works as a (maybe insecure) pseudo-random number generator when there is not enough entropy in the pool. Use /dev/random instead.
- The keyfile generation looks odd. Normally you should use the procedure outlined in the loop-aes readme, generating 65 keys.
- I was under the belief tmpfs creates a ramdisk and that the files are located in the computer's RAM instead of the disk? Thus making it impossible to recover the files after a boot, since they were never on the disk in the first place. Have I been completely wrong?
- Agreed about the /var-partition. I am considering encrypting it as well.
- My passwords contain 10 - 20 big & small letters and numbers.
- Typo in the first post, I did use /dev/random to generate the key. Fixed.
- Will look into the Loop-AES readme. I think I copied that command from some article on the web.
Thank you for your observations.

11-03-2006, 05:01 AM, #4, Lotharster (Member; Registered: Nov 2005; Posts: 144)
Quote:
Originally Posted by make
- I was under the belief tmpfs creates a ramdisk and that the files are located in the computer's RAM instead of the disk? Thus making it impossible to recover the files after a boot, since they were never on the disk in the first place. Have I been completely wrong?
You are right - I confused this with a normal /tmp partition. A tmpfs resides in RAM and swap, and since the former vanishes on power down and the latter is encrypted anyway, this should be safe.

11-04-2006, 06:02 AM, #5, make (Original Poster; Member; Registered: Apr 2004; Distribution: Mandriva, Ubuntu, openSuSE, FreeBSD, OpenSolaris, PC-BSD; Posts: 195)
Quote:
Originally Posted by Lotharster
A tmpfs resides in RAM and swap
Alright, then I have accomplished what I wanted to.
I have just recently been wondering whether Enc-FS or DM-Crypt might be preferable to Loop-AES. I know that Loop-AES is the fastest of these three (I saw benchmarks), but could the other two perhaps provide more security?
What would be the best way for me to try to "spy" on my own files from an encrypted, unmounted partition, and in this way verify that they are indeed secured?
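One answer to the "spy on my own files" question in #5, which also covers Lotharster's point in #2 about unencrypted /var/log leaking paths from /home: read the raw block device the way a thief with the drive would, without the key, and look for plaintext. The script below is an added example written for this page, not code from the thread. It reads the first 4 MiB of a device or dd image (sample size, thresholds and the 8-byte run length are assumptions) and reports two signals: gzip barely compresses ciphertext, and long runs of printable bytes are rare in it; it can also grep the raw bytes for a string that must never appear, such as /home/make. Reading /dev/hda5 directly needs root, and a head-of-disk sample can miss plaintext further in, so repeat it with `dd skip=` at a few offsets for a fuller check.

```shell
#!/bin/sh
# Added example (not from the thread): a crude "what does a thief see?"
# check on a raw, UNMOUNTED partition or a dd image of it. Signals:
#   1. gzip barely compresses ciphertext (ratio ~100%); plaintext shrinks
#   2. runs of 8+ printable bytes are rare in ciphertext, dense in files
# plus an optional grep for a string that must never be visible.
# Thresholds and the 4 MiB sample size are assumptions, not loop-AES facts.
set -eu
export LC_ALL=C                      # byte semantics for tr/grep

SAMPLE_BYTES=$((4 * 1024 * 1024))

# compress_ratio FILE -> gzip size as an integer percentage of the original
compress_ratio() {
    orig=$(wc -c < "$1")
    comp=$(gzip -9 -c "$1" | wc -c)
    echo $(( comp * 100 / orig ))
}

# printable_runs FILE -> number of runs of at least 8 printable bytes
printable_runs() {
    tr -c '[:print:]' '\n' < "$1" | grep -cE '^.{8,}$' || true
}

# pattern_hits FILE PATTERN -> how many raw "lines" contain PATTERN
pattern_hits() {
    grep -a -c -- "$2" "$1" || true
}

# scan_file FILE [PATTERN] -> prints the metrics; returns 0 when the
# sample looks like plaintext (bad), 1 when it looks like ciphertext (good)
scan_file() {
    size=$(wc -c < "$1")
    ratio=$(compress_ratio "$1")
    runs=$(printable_runs "$1")
    hits=0
    [ -z "${2:-}" ] || hits=$(pattern_hits "$1" "$2")
    echo "ratio=${ratio}% runs=${runs} hits=${hits}"
    # random bytes give ratio ~100 and roughly one run per 4 KiB;
    # flag anything compressing below 95% or with 8x the expected runs
    if [ "$ratio" -lt 95 ] || [ "$runs" -gt $(( size / 512 )) ] || [ "$hits" -gt 0 ]; then
        echo "verdict: PLAINTEXT VISIBLE"
        return 0
    fi
    echo "verdict: looks encrypted"
    return 1
}

# scan_device DEVICE [PATTERN] -> same, on the first SAMPLE_BYTES of DEVICE
scan_device() {
    tmp=$(mktemp)
    head -c "$SAMPLE_BYTES" "$1" > "$tmp"
    rc=0
    scan_file "$tmp" "${2:-}" || rc=$?
    rm -f "$tmp"
    return $rc
}

[ $# -eq 0 ] || scan_device "$@"     # e.g. ./spycheck.sh /dev/hda5 /home/make
```

Run it against every partition, not just /home: `./spycheck.sh /dev/hda5 /home/make` should say "looks encrypted" with hits=0, while the same command on an unencrypted /var partition that still had logging enabled is exactly where a hit on /home/make would show up. A plaintext reiserfs or ext3 partition trips the compression test within the first few hundred KiB because superblocks and directory entries compress well.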