public inbox for gentoo-user@lists.gentoo.org
* [gentoo-user] Encripting /home
@ 2005-07-27 23:18 Pupeno
  2005-07-27 23:54 ` Luigi Pinna
  2005-07-28  5:36 ` Richard Fish
  0 siblings, 2 replies; 23+ messages in thread
From: Pupeno @ 2005-07-27 23:18 UTC (permalink / raw
  To: gentoo-user

[-- Attachment #1: Type: text/plain, Size: 616 bytes --]

Hello,
I want to have the /home of my laptop encrypted, with an external key (on a CD
or floppy, until I get a USB pen drive), especially to be able to change the
passphrase easily and have various media with different passphrases and the
same key (so my wife can use her own passphrase). Is this possible? It'll
be the unwritten 13th item here:
http://www.sdc.org/~leila/usb-dongle/readme.html, right?
Any docs that explain how to achieve this (as close as possible to Gentoo)?
Thanks.
-- 
Pupeno <pupeno@pupeno.com> (http://pupeno.com)
Reading ? Science Fiction ? http://sfreaders.com.ar

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: [gentoo-user] Encripting /home
  2005-07-27 23:18 [gentoo-user] Encripting /home Pupeno
@ 2005-07-27 23:54 ` Luigi Pinna
  2005-07-28  0:35   ` Jerry McBride
  2005-07-28  0:48   ` Pupeno
  2005-07-28  5:36 ` Richard Fish
  1 sibling, 2 replies; 23+ messages in thread
From: Luigi Pinna @ 2005-07-27 23:54 UTC (permalink / raw
  To: gentoo-user


At 01:18, Thursday 28 July 2005, Pupeno wrote:
> Hello,
> I want to have the /home of my laptop encrypted, with an external key
> (on a CD or floppy, until I get a USB pen drive), especially to be
> able to change the passphrase easily and have various media with
> different passphrases and the same key (so my wife can use her own
> passphrase). Is this possible? It'll be the unwritten 13th item
> here:
> http://www.sdc.org/~leila/usb-dongle/readme.html, right?
> Any docs that explain how to achieve this (as close as possible to
> Gentoo)? Thanks.

I have my home encrypted...
But I cannot change the passphrase!
I use dm-crypt from the kernel....
With these options, I can create a dynamic passphrase...
/bin/cryptsetup -h ripemd160 -c aes create home /path/device
You don't need a key (that someone can keep and force), but the key is
created from the passphrase: that means that without that word nothing
works, but you need a good password (and please, don't write it on the
monitor ;-) ...)
cryptsetup is in the portage tree, the dm-crypt option is in the kernel...
See you,
Luigi
-- 
Public key GPG(0x073A0960) on http://keyserver.linux.it/


* Re: [gentoo-user] Encripting /home
  2005-07-27 23:54 ` Luigi Pinna
@ 2005-07-28  0:35   ` Jerry McBride
  2005-07-28  0:48   ` Pupeno
  1 sibling, 0 replies; 23+ messages in thread
From: Jerry McBride @ 2005-07-28  0:35 UTC (permalink / raw
  To: gentoo-user

On Wednesday 27 July 2005 07:54 pm, Luigi Pinna wrote:
> At 01:18, Thursday 28 July 2005, Pupeno wrote:
> > Hello,
> > I want to have the /home of my laptop encrypted, with an external key
> > (on a CD or floppy, until I get a USB pen drive), especially to be
> > able to change the passphrase easily and have various media with
> > different passphrases and the same key (so my wife can use her own
> > passphrase). Is this possible? It'll be the unwritten 13th item
> > here:
> > http://www.sdc.org/~leila/usb-dongle/readme.html, right?
> > Any docs that explain how to achieve this (as close as possible to
> > Gentoo)? Thanks.
>
> I have my home encrypted...
> But I cannot change the passphrase!
> I use dm-crypt from the kernel....
> With these options, I can create a dynamic passphrase...
> /bin/cryptsetup -h ripemd160 -c aes create home /path/device
> You don't need a key (that someone can keep and force), but the key is
> created from the passphrase: that means that without that word nothing
> works, but you need a good password (and please, don't write it on the
> monitor ;-) ...)
> cryptsetup is in the portage tree, the dm-crypt option is in the kernel...
> See you,
> Luigi

On another twist, I was using my own cryptoloop setup until I tripped over
encfs. I use it everywhere now; docs are on the home site of the encfs
author.

-- 

******************************************************************************
                     Registered Linux User Number 185956
              FSF Associate Member number 2340 since 05/20/2004
             Join me in chat at #linux-users on irc.freenode.net
    Buy an Xbox for $149.00, run linux on it and Microsoft loses $150.00!
      8:41pm  up 9 days, 20:40,  1 user,  load average: 0.00, 0.00, 0.00

-- 
gentoo-user@gentoo.org mailing list




* Re: [gentoo-user] Encripting /home
  2005-07-27 23:54 ` Luigi Pinna
  2005-07-28  0:35   ` Jerry McBride
@ 2005-07-28  0:48   ` Pupeno
  2005-07-28  5:54     ` Richard Fish
                       ` (2 more replies)
  1 sibling, 3 replies; 23+ messages in thread
From: Pupeno @ 2005-07-28  0:48 UTC (permalink / raw
  To: gentoo-user


On Wednesday 27 July 2005 20:54, Luigi Pinna wrote:
> At 01:18, Thursday 28 July 2005, Pupeno wrote:
> > Hello,
> > I want to have the /home of my laptop encrypted, with an external key
> > (on a CD or floppy, until I get a USB pen drive), especially to be
> > able to change the passphrase easily and have various media with
> > different passphrases and the same key (so my wife can use her own
> > passphrase). Is this possible? It'll be the unwritten 13th item
> > here:
> > http://www.sdc.org/~leila/usb-dongle/readme.html, right?
> > Any docs that explain how to achieve this (as close as possible to
> > Gentoo)? Thanks.
>
> I have my home encrypted...
> But I cannot change the passphrase!
I don't want a fixed passphrase.

> I use dm-crypt from the kernel....
I've read that it is insecure and I also read that it is not yet very well
supported.

> With these options, I can create a dynamic passphrase...
What is a dynamic passphrase?

> You don't need a key (that someone can keep and force), but the key is
> created from the passphrase: that means that without that word nothing
> works, but you need a good password (and please, don't write it on the
> monitor ;-) ...)
I know I don't need a key, but I do want a key (stored on removable media)
encrypted with a passphrase I will be able to change, or better, my wife can
have the key protected with a different passphrase than I do.
Beyond that, encrypting with a key is much better than doing it with a
passphrase because the passphrase can be cracked (dictionary attack) while
the key-encrypted one can't.

Thanks.
-- 
Pupeno <pupeno@pupeno.com> (http://pupeno.com)
Reading ? Science Fiction ? http://sfreaders.com.ar


* Re: [gentoo-user] Encripting /home
  2005-07-27 23:18 [gentoo-user] Encripting /home Pupeno
  2005-07-27 23:54 ` Luigi Pinna
@ 2005-07-28  5:36 ` Richard Fish
  1 sibling, 0 replies; 23+ messages in thread
From: Richard Fish @ 2005-07-28  5:36 UTC (permalink / raw
  To: gentoo-user

Pupeno wrote:

> Hello,
> I want to have the /home of my laptop encrypted, with an external key (on a CD
> or floppy, until I get a USB pen drive), especially to be able to change the
> passphrase easily and have various media with different passphrases and the
> same key (so my wife can use her own passphrase). Is this possible? It'll
> be the unwritten 13th item here:
> http://www.sdc.org/~leila/usb-dongle/readme.html, right?
> Any docs that explain how to achieve this (as close as possible to Gentoo)?
> Thanks.

I use loop-aes to encrypt all filesystems.  It is very secure and very 
fast.  If you have USE=crypt, Gentoo already has support for it in the 
mount and losetup commands.  You just need the kernel module (emerge 
loop-aes).

After you emerge it, read the documentation at 
/usr/share/doc/loop-aes-*/README.gz

-Richard


* Re: [gentoo-user] Encripting /home
  2005-07-28  0:48   ` Pupeno
@ 2005-07-28  5:54     ` Richard Fish
  2005-07-28 15:56       ` Pupeno
  2005-07-29 21:38       ` Alexander Skwar
  2005-07-29  7:13     ` Ralph Slooten
  2005-07-29 21:33     ` Alexander Skwar
  2 siblings, 2 replies; 23+ messages in thread
From: Richard Fish @ 2005-07-28  5:54 UTC (permalink / raw
  To: gentoo-user

Pupeno wrote:

>> I use dm-crypt from the kernel....
> I've read that it is insecure and I also read that it is not yet very well
> supported.

Dm-crypt is fairly well supported, since it is in the kernel, but I find
it to be harder to set up and less 'flexible' than loop-AES (the changing
passphrase thing, for example).

It provides roughly equivalent security to loop-AES in "single-key"
mode (where a single key is used to encrypt every block).  loop-AES also
supports multi-key mode, where 64 different keys are used to encrypt the
blocks.  Multi-key makes certain kinds of attacks (specifically,
watermark) more difficult, but is slower.

However, I seem to recall reading somewhere in the last couple of weeks 
that dm-crypt was also getting multi-key support...maybe in the 
mm-kernel, or for 2.6.13...

Now, I doubt that most people actually _need_ the extra security of 
multi-key encryption.   Personally I run loop-AES in single-key mode 
because it is faster than multi-key.  Plus someone willing to go through 
the effort of cracking multi-key encryption would find it much easier to 
simply make a credible physical threat, and I will happily give them my 
password!! :-)

> I know I don't need a key, but I do want a key (stored on removable media)
> encrypted with a passphrase I will be able to change, or better, my wife can
> have the key protected with a different passphrase than I do.
> Beyond that, encrypting with a key is much better than doing it with a
> passphrase because the passphrase can be cracked (dictionary attack) while
> the key-encrypted one can't.

Well, technically, anything can be cracked given enough time and 
computing power.

For using different passwords, this is possible.  You would need to 
encrypt the same key file with gpg to two different .gpg files....your 
wife can use one, and you can use the other.  If the key files are 
stored on separate pieces of removable media, then you each have your 
own "keys" to the system.

-Richard


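The two-passphrase scheme Richard describes (one key file, two gpg-wrapped copies on separate media), written out as an added example; it is not code from the thread or from any of the posters. It assumes a plain dm-crypt volume opened with a current cryptsetup (`open --type plain` is today's spelling of the `cryptsetup create` used earlier in the thread, and `--key-file=-` reads the key from stdin), gpg for the symmetric wrapping, and the placeholder paths /dev/sdb1, /media/usbkey and /root/home.key. The ESSIV cipher spec and the dry-run default are my choices, not the thread's.

```shell
#!/bin/sh
# Added example (not from the thread): one random key file is the real disk
# key; each person gets a gpg-wrapped copy under their own passphrase.
# Changing a passphrase means re-wrapping one copy; the disk key, and so the
# encrypted data, never changes. All paths and names below are placeholders.
set -u

DEVICE=${DEVICE:-/dev/sdb1}        # placeholder: the partition holding /home
MAPPER=${MAPPER:-home}             # unlocked volume appears as /dev/mapper/home
KEYDIR=${KEYDIR:-/media/usbkey}    # placeholder: removable media mount point
RAWKEY=${RAWKEY:-/root/home.key}   # placeholder: plaintext key; keep it on
                                   # trusted offline storage, rewrap needs it
MOUNTPOINT=${MOUNTPOINT:-/home}
DRY_RUN=${DRY_RUN:-1}              # 1 = only print the commands; 0 = execute

# Plain dm-crypt keeps no header, so cipher and key size must be repeated
# identically on every open. ESSIV instead of the bare sector number as IV is
# an assumption: it is the usual answer to the watermark issue raised later
# in the thread.
CIPHER=aes-cbc-essiv:sha256
KEYBITS=256

# run: print every command; execute it unless DRY_RUN=1
run() {
    printf '+ %s\n' "$*"
    [ "$DRY_RUN" = 1 ] || "$@"
}

# make_raw_key: KEYBITS/8 random bytes, mode 0600, generated exactly once
make_raw_key() {
    run sh -c "umask 077 && head -c $((KEYBITS / 8)) /dev/urandom > $RAWKEY"
}

# wrap_key NAME: NAME.gpg on the removable media is RAWKEY encrypted under
# NAME's passphrase. gpg prompts for it, so it never lands on a command line
# or in .bash_history. Running this again for NAME replaces that person's
# passphrase; the other person's copy is untouched.
wrap_key() {
    run gpg --symmetric --cipher-algo AES256 --output "$KEYDIR/$1.gpg" "$RAWKEY"
}

# open_cmd NAME: the unlock pipeline for NAME's copy. gpg asks for NAME's
# passphrase and streams the raw key into cryptsetup over stdin (--key-file=-);
# --hash plain tells cryptsetup to use the bytes as they are.
open_cmd() {
    printf 'gpg --quiet --decrypt %s/%s.gpg | cryptsetup --cipher %s --key-size %s --hash plain --key-file=- open --type plain %s %s' \
        "$KEYDIR" "$1" "$CIPHER" "$KEYBITS" "$DEVICE" "$MAPPER"
}

unlock() {                          # unlock NAME: map the volume and mount it
    run sh -c "$(open_cmd "$1")" && run mount "/dev/mapper/$MAPPER" "$MOUNTPOINT"
}

lock() {                            # lock: unmount and drop the mapping
    run umount "$MOUNTPOINT" && run cryptsetup close "$MAPPER"
}

# Dispatch only when called with arguments (e.g. "init pupeno wife").
if [ $# -gt 0 ]; then
    case "$1" in
        init)   make_raw_key && wrap_key "$2" && wrap_key "$3" ;;
        rewrap) wrap_key "$2" ;;           # change one person's passphrase
        on)     unlock "$2" ;;
        off)    lock ;;
        *)      echo "usage: $0 init NAME NAME | rewrap NAME | on NAME | off" >&2
                exit 1 ;;
    esac
fi
```

Run it with `DRY_RUN=1` first to see the exact commands it would issue; `init pupeno wife` produces the two .gpg files, and `rewrap wife` later changes one passphrase without touching the other copy or the volume.
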
* Re: [gentoo-user] Encripting /home
  2005-07-28  5:54     ` Richard Fish
@ 2005-07-28 15:56       ` Pupeno
  2005-07-28 18:10         ` Richard Fish
  2005-07-29 21:49         ` Alexander Skwar
  2005-07-29 21:38       ` Alexander Skwar
  1 sibling, 2 replies; 23+ messages in thread
From: Pupeno @ 2005-07-28 15:56 UTC (permalink / raw
  To: gentoo-user


On Thursday 28 July 2005 02:54, Richard Fish wrote:
> Pupeno wrote:
> >> I use dm-crypt from the kernel....
> >
> > I've read that it is insecure and I also read that it is not yet very well
> > supported.
>
> Dm-crypt is fairly well supported, since it is in the kernel, but I find
> it to be harder to set up and less 'flexible' than loop-AES (the changing
> passphrase thing, for example).

I know it is in the kernel, but I've read that there weren't good userland
tools to work with dm-crypt. Maybe that has changed and Gentoo's userland
tools can work with dm-crypt; what's the status of that?
Regarding loop-AES, I've read it needs some heavy patching here and there. I
don't want to do any patching myself because I am likely to lose track of
it.

> It provides roughly equivalent security to loop-AES in "single-key"
> mode (where a single key is used to encrypt every block).  loop-AES also
> supports multi-key mode, where 64 different keys are used to encrypt the
> blocks.  Multi-key makes certain kinds of attacks (specifically,
> watermark) more difficult, but is slower.
>
> However, I seem to recall reading somewhere in the last couple of weeks
> that dm-crypt was also getting multi-key support...maybe in the
> mm-kernel, or for 2.6.13...
Single key is enough for me.

> > I know I don't need a key, but I do want a key (stored on removable
> > media) encrypted with a passphrase I will be able to change, or better, my
> > wife can have the key protected with a different passphrase than I do.
> > Beyond that, encrypting with a key is much better than doing it with a
> > passphrase because the passphrase can be cracked (dictionary attack) while
> > the key-encrypted one can't.
>
> Well, technically, anything can be cracked given enough time and
> computing power.
Yes, ok. I should have added a 'practically' there somewhere.

> For using different passwords, this is possible.  You would need to
> encrypt the same key file with gpg to two different .gpg files....your
> wife can use one, and you can use the other.  If the key files are
> stored on separate pieces of removable media, then you each have your
> own "keys" to the system.
That's the idea: that scheme plus the best supported method out of the box (or
off the net, hehehe). I believe it is cryptoloop, but I am not sure.

Thanks.
-- 
Pupeno <pupeno@pupeno.com> (http://pupeno.com)
Reading ? Science Fiction ? http://sfreaders.com.ar


* Re: [gentoo-user] Encripting /home
  2005-07-28 15:56       ` Pupeno
@ 2005-07-28 18:10         ` Richard Fish
  2005-07-29 21:49         ` Alexander Skwar
  1 sibling, 0 replies; 23+ messages in thread
From: Richard Fish @ 2005-07-28 18:10 UTC (permalink / raw
  To: gentoo-user

Pupeno wrote:

> On Thursday 28 July 2005 02:54, Richard Fish wrote:
>> Pupeno wrote:
>>>> I use dm-crypt from the kernel....
>>> I've read that it is insecure and I also read that it is not yet very well
>>> supported.
>> Dm-crypt is fairly well supported, since it is in the kernel, but I find
>> it to be harder to set up and less 'flexible' than loop-AES (the changing
>> passphrase thing, for example).
>
> I know it is in the kernel, but I've read that there weren't good userland
> tools to work with dm-crypt. Maybe that has changed and Gentoo's userland
> tools can work with dm-crypt; what's the status of that?

Personally, I find cryptsetup/dm-crypt to be much more difficult to use
than losetup/mount.  With loop-AES, I have my fstab set up to
automatically enable the encryption and prompt for the password when
certain filesystems are mounted (of course, that only works if running
'mount' from the command line, for now).  I do not think this is
possible with dm-crypt yet.

> Regarding loop-AES, I've read it needs some heavy patching here and there. I
> don't want to do any patching myself because I am likely to lose track of
> it.

Gentoo already includes the necessary patches if you have USE=crypt.

You just have to remember to do "emerge loop-aes" after each kernel 
upgrade to rebuild the kernel module.


> That's the idea: that scheme plus the best supported method out of the box (or
> off the net, hehehe). I believe it is cryptoloop, but I am not sure.

No no no, cryptoloop is completely brain-damaged security, and AFAIK, 
out of the kernel.  Loop-AES would be the logical successor to 
cryptoloop from a functional and setup standpoint.

-Richard


* Re: [gentoo-user] Encripting /home
  2005-07-28  0:48   ` Pupeno
  2005-07-28  5:54     ` Richard Fish
@ 2005-07-29  7:13     ` Ralph Slooten
  2005-07-29 15:30       ` Pupeno
  2005-07-29 21:33     ` Alexander Skwar
  2 siblings, 1 reply; 23+ messages in thread
From: Ralph Slooten @ 2005-07-29  7:13 UTC (permalink / raw
  To: gentoo-user


Pupeno wrote:

>> I use dm-crypt from the kernel....
>
> I've read that it is insecure and I also read that it is not yet very well
> supported.

You read wrong. Dm-crypt *is* the encryption technique now used in the
kernel, and it wasn't chosen out of a hat. What you do with it can make
it insecure though, like a post-it with the password attached to the
monitor ;-)

As for being supported, well, if something is actually in the kernel
itself (without patches), then it IS fully supported. Dm-crypt is fully
supported since linux 2.6.4.

Basically, as with any encryption, your secret is as safe as your
password. There are of course tools to help you make your password even
harder to crack, like hashalot, which basically sends your password
through a pipe which hashes it into "greek" ;-)

> I know I don't need a key, but I do want a key (stored on removable media)
> encrypted with a passphrase I will be able to change, or better, my wife can
> have the key protected with a different passphrase than I do.
> Beyond that, encrypting with a key is much better than doing it with a
> passphrase because the passphrase can be cracked (dictionary attack) while
> the key-encrypted one can't.

It seems what you are looking for with your "key" is probably a GPG key
needed to unlock your drive. This is definitely possible, but you will
have to do the research yourself. I do know there are tutorials to use
gpg keys with encryption passwords etc... and iirc there was a tutorial
for loop-AES too on their site. Whether you need this is another story. I
know that gpg can have two separate keys to do the same thing, so I
presume separate keys and passwords are an option, but I have never
ventured down that lane, as I'm not that paranoid. I use gpg myself for
mailing, and encrypting certain files themselves, but I'm not paranoid
enough to encrypt all my files with such heavy encryption. In fact, not
even the US military is that bad. They now use 256-bit AES encryption,
which is the default of dm-crypt, and from an article I read it still
would take them a couple of decades to crack.

I use dm-crypt on all three of my machines (laptop, workstation and
server), but none of them are fully encrypted ~ just partitions (and in
one case a looped-back file acting as a partition). All are mounted with a
simple bash script I wrote to create the decrypted device link, ask for
the password, and mount the device link to the filesystem. This means that
none of this is found in /etc/fstab either. Users who are allowed to mount
(use that script) are added into sudoers.

Good luck ...
Ralph

* Re: [gentoo-user] Encripting /home
  2005-07-29  7:13     ` Ralph Slooten
@ 2005-07-29 15:30       ` Pupeno
  2005-07-29 17:03         ` Richard Fish
  2005-07-29 19:43         ` Ralph Slooten
  0 siblings, 2 replies; 23+ messages in thread
From: Pupeno @ 2005-07-29 15:30 UTC (permalink / raw
  To: gentoo-user


On Friday 29 July 2005 04:13, Ralph Slooten wrote:
> Pupeno wrote:
> >> I use dm-crypt from the kernel....
> >
> > I've read that it is insecure and I also read that it is not yet very
> > well supported.
>
> You read wrong. Dm-crypt *is* the encryption technique now used in the
> kernel, and it wasn't chosen out of a hat. What you do with it can make
> it insecure though, like a post-it with the password attached to the
> monitor ;-)
>
> As for being supported, well, if something is actually in the kernel
> itself (without patches), then it IS fully supported. Dm-crypt is fully
> supported since linux 2.6.4.

As I said in another message, what I read is that the userland tools weren't
supporting dm-crypt properly. Probably I've read something that was outdated.

> Basically, as with any encryption, your secret is as safe as your
> password. There are of course tools to help you make your password even
> harder to crack, like hashalot, which basically sends your password
> through a pipe which hashes it into "greek" ;-)
>
> > I know I don't need a key, but I do want a key (stored on removable
> > media) encrypted with a passphrase I will be able to change, or better, my
> > wife can have the key protected with a different passphrase than I do.
> > Beyond that, encrypting with a key is much better than doing it with a
> > passphrase because the passphrase can be cracked (dictionary attack)
> > while the key-encrypted one can't.
>
> It seems what you are looking for with your "key" is probably a GPG key
> needed to unlock your drive. This is definitely possible, but you will
> have to do the research yourself. I do know there are tutorials to use
> gpg keys with encryption passwords etc... and iirc there was a tutorial
> for loop-AES too on their site. Whether you need this is another story. I
> know that gpg can have two separate keys to do the same thing, so I
> presume separate keys and passwords are an option, but I have never
> ventured down that lane, as I'm not that paranoid. I use gpg myself for
> mailing, and encrypting certain files themselves, but I'm not paranoid
> enough to encrypt all my files with such heavy encryption. In fact, not
> even the US military is that bad. They now use 256-bit AES encryption,
> which is the default of dm-crypt, and from an article I read it still
> would take them a couple of decades to crack.

I didn't mean to use gpg to encrypt the whole file system, that would be
insane. I mean that instead of using a password to encrypt, to use a
generated key, which is stronger, and to encrypt that key with a password (and
keep it on removable media).
But now that I think of it, I don't need that much security (Am I the only one
that when reading about security gets paranoid?).
I'd like this: home to be encrypted in a way that can be mounted through fstab,
asking for the passphrase at mount time, with the possibility to change the
password easily. I think that can be achieved by using a key and encrypting
the key on cryptoloop, or it is simpler on loop-AES, because the passphrase
can be changed easily, right? What about dm-crypt? Is the passphrase
changeable?

Thanks.
-- 
Pupeno <pupeno@pupeno.com> (http://pupeno.com)
Reading ? Science Fiction ? http://sfreaders.com.ar


* Re: [gentoo-user] Encripting /home
  2005-07-29 15:30       ` Pupeno
@ 2005-07-29 17:03         ` Richard Fish
  2005-07-29 19:43         ` Ralph Slooten
  1 sibling, 0 replies; 23+ messages in thread
From: Richard Fish @ 2005-07-29 17:03 UTC (permalink / raw
  To: gentoo-user

Pupeno wrote:

> But now that I think of it, I don't need that much security (Am I the only one
> that when reading about security gets paranoid?).

Nope! ;-)

-Richard


* Re: [gentoo-user] Encripting /home
  2005-07-29 15:30       ` Pupeno
  2005-07-29 17:03         ` Richard Fish
@ 2005-07-29 19:43         ` Ralph Slooten
  1 sibling, 0 replies; 23+ messages in thread
From: Ralph Slooten @ 2005-07-29 19:43 UTC (permalink / raw
  To: gentoo-user


> As I said in another message, what I read is that the userland tools weren't
> supporting dm-crypt properly. Probably I've read something that was outdated.

An old bug I believe. ATM there is nothing I know of that supports a bug
or flaw in any way.

> I didn't mean to use gpg to encrypt the whole file system, that would be
> insane. I mean that instead of using a password to encrypt, to use a
> generated key, which is stronger, and to encrypt that key with a password (and
> keep it on removable media).

> But now that I think of it, I don't need that much security (Am I the only one
> that when reading about security gets paranoid?).

I agree you don't need that much security, but no, you are not the only
one paranoid ;-) I do not think however that any agency would spend
more than 2 days trying to hack your computer without literally trying
to force it out of you. If it's more serious than that, then I guess
they suspect you of having all the plans/addresses of the taliban on
your comp ;-) Then you're on your own, lol. Either way, with plain old
AES it's a matter of brute force, and with dm-crypt the choice is up to
you what hashing you use. What I mean with hashing is that your PW is
sent through a <whatever> hash. The password "passwd" becomes
"kæ?&GòÝ3e.!+1´¦G·Áç.??ñÓû" (in plain ASCII through a sha256 bit system
used by dm-crypt). Of course it's more complicated than that, but try
getting just that password (the ascii version) with just plain text ;-)
... See you next century.

To give you an example: in Holland they can give you a maximum of 3
months jail sentence for something you refuse to co-operate on .. IE:
the password to your filesystem. If you think the contents are worth
more than 3 months jail sentence keep your mouth shut, else just tell
them. They won't crack your system even if you use 265kbit encryption.
Take the .. ummm what was it called... something with a cow-logo... it
was like seti@home, they solved it, using thousands of computers all
over the world, and it took quite some time (2 years or so? anyone?).
The thing was, it was 56-bit encryption ;-) 256-bit is a little (actually
a LOT) more.

> I'd like this: home to be encrypted in a way that can be mounted through fstab,
> asking for the passphrase at mount time, with the possibility to change the
> password easily. I think that can be achieved by using a key and encrypting
> the key on cryptoloop, or it is simpler on loop-AES, because the passphrase
> can be changed easily, right? What about dm-crypt? Is the passphrase
> changeable?

I believe with loop-AES, yes, but not with dm-crypt .. at least not yet.
They are working on this, but I don't know how far they are. The thing
is, does it need to be changed? This is for home use, right? You and your
spouse know the password, but how many others? A password of this
measure does (IMHO) not need to be changed often at all, unless sent
over an unencrypted line often.

As I believe I mentioned in my previous post (beer has gotten hold of
me) I mount my partitions with a bash script. It just has a list of the
commands (with some error-correction) saved as an executable file. Let's
call it "secdrive" ... all I say is `secdrive on` and it mounts it,
asking for the password, and `secdrive off` unmounts it. Pretty much
the same way as fstab, except no trace of it there, and what can't be
seen there isn't even noticed (at least until "they" search your
.bash_history files etc).

I hope this is actually of some relevance ;-)

If you would like more info, I wrote a tutorial on
http://axljab.homelinux.org/Encryption_-_dm-crypt , and if you want I
can send you my bash script which you can modify to your needs.

Greetings
Ralph

PS: excuse the spelling mistakes. It wasn't my fault ;-)

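A "secdrive on|off" wrapper of the kind Ralph describes, as an added example: it is not Ralph's script and not the tutorial he links, and nobody in the thread posted it. It pins the plain-mode options that Luigi's `cryptsetup -h ripemd160 -c aes create` line implies must be repeated identically on every open, and adds the check a practitioner wants with plain dm-crypt: since there is no header, a mistyped passphrase does not fail, it just maps random bytes, so the script probes the mapped device for the expected filesystem before mounting and closes it otherwise. Device, mapper name, the sha256/ESSIV choices and the blkid probe are my assumptions.

```shell
#!/bin/sh
# Added example, not Ralph's script: "secdrive on|off" for a plain dm-crypt
# /home. cryptsetup prompts for the passphrase, so nothing secret reaches the
# command line or .bash_history. Names and options below are placeholders.
set -u

DEVICE=${DEVICE:-/dev/sdb1}            # placeholder: encrypted partition
MAPPER=${MAPPER:-home}                 # -> /dev/mapper/home
MOUNTPOINT=${MOUNTPOINT:-/home}
EXPECTED_FS=${EXPECTED_FS:-ext4}       # what mkfs put on the mapped device
DRY_RUN=${DRY_RUN:-1}                  # 1 = print commands only; 0 = execute

# Plain mode stores no header: hash, cipher and key size are not recorded
# anywhere, so they live here and must match what was used at mkfs time.
# (Assumed values; Luigi's post used -h ripemd160 -c aes.)
HASH=sha256
CIPHER=aes-cbc-essiv:sha256
KEYBITS=256

run() {                                # print each command; execute unless dry run
    printf '+ %s\n' "$*"
    [ "$DRY_RUN" = 1 ] || "$@"
}

# fs_is_sane TYPE: true only for the filesystem we created. With plain
# dm-crypt a wrong passphrase yields no error, just random bytes, which blkid
# reports as no type at all. This check turns that into a failure instead of
# a mount of garbage (or, worse, an mkfs on the wrong mapping).
fs_is_sane() {
    [ -n "$1" ] && [ "$1" = "$EXPECTED_FS" ]
}

# probe_fs: filesystem type blkid detects on the mapping ("" if none).
# In dry-run mode nothing is mapped, so the expected type is returned.
probe_fs() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "$EXPECTED_FS"
    else
        blkid -p -o value -s TYPE "/dev/mapper/$MAPPER" 2>/dev/null || true
    fi
}

secdrive_on() {
    run cryptsetup --cipher "$CIPHER" --hash "$HASH" --key-size "$KEYBITS" \
        open --type plain "$DEVICE" "$MAPPER" || return 1   # prompts for passphrase
    fstype=$(probe_fs)
    if ! fs_is_sane "$fstype"; then
        echo "secdrive: /dev/mapper/$MAPPER is not $EXPECTED_FS (wrong passphrase?)" >&2
        run cryptsetup close "$MAPPER"
        return 1
    fi
    run mount -t "$EXPECTED_FS" "/dev/mapper/$MAPPER" "$MOUNTPOINT"
}

secdrive_off() {
    run umount "$MOUNTPOINT" && run cryptsetup close "$MAPPER"
}

# Dispatch only when given an argument. Letting users run this through sudo,
# as Ralph does, keeps the volume out of /etc/fstab entirely.
case "${1:-}" in
    on)  secdrive_on ;;
    off) secdrive_off ;;
    "")  ;;                                # sourced or run bare: define only
    *)   echo "usage: $0 on|off" >&2; exit 1 ;;
esac
```

The filesystem probe is the part worth keeping even if the rest is replaced: `cryptsetup open --type plain` cannot tell a right passphrase from a wrong one, so any wrapper that mounts blindly will eventually mount noise.
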
* Re: [gentoo-user] Encripting /home
  2005-07-28  0:48   ` Pupeno
  2005-07-28  5:54     ` Richard Fish
  2005-07-29  7:13     ` Ralph Slooten
@ 2005-07-29 21:33     ` Alexander Skwar
  2005-07-30  7:13       ` Richard Fish
  2 siblings, 1 reply; 23+ messages in thread
From: Alexander Skwar @ 2005-07-29 21:33 UTC (permalink / raw
  To: gentoo-user

Pupeno wrote:
> On Wednesday 27 July 2005 20:54, Luigi Pinna wrote:

>> I use dm-crypt from the kernel....
> I've read that it is insecure

Where? And how is it insecure?

> Beyond that, encrypting with a key is much better than doing it with a
> passphrase because the passphrase can be cracked (dictionary attack) while
> the key-encrypted one can't.

Bollocks. With enough time, "key-encrypted" stuff can be broken
into as well. Brute forcing is (theoretically) *ALWAYS* possible.

So, if you make the password "random" enough, there's no risk. A few
hundred chars should be sufficient - since you can easily pipe the
passphrase to cryptsetup (and thus don't need to type it in manually),
that's not a real problem.

Alexander Skwar
-- 
Love is a grave mental disease.
		-- Plato

* Re: [gentoo-user] Encripting /home
  2005-07-28  5:54     ` Richard Fish
  2005-07-28 15:56       ` Pupeno
@ 2005-07-29 21:38       ` Alexander Skwar
  2005-07-30  8:12         ` Richard Fish
  1 sibling, 1 reply; 23+ messages in thread
From: Alexander Skwar @ 2005-07-29 21:38 UTC (permalink / raw
  To: gentoo-user

Richard Fish wrote:
> Pupeno wrote:
>
>>> I use dm-crypt from the kernel....
>> I've read that it is insecure and I also read that it is not yet very well
>> supported.
>
> Dm-crypt is fairly well supported, since it is in the kernel, but I find
> it to be harder to set up

hard to setup? How? What's hard about it?

You just encrypt the block device and create an fs on it.

/sbin/lvcreate -nToBeEnc -L5g sys	\
	&& echo 'sekret' | /bin/cryptsetup create Crypted /dev/sys/ToBeEnc	\
	&& mkfs -t reiser4 /dev/mapper/Crypted	\
	&& mount /dev/mapper/Crypted /some/where

Obviously, the lvcreate and mkfs steps are just a one time step :)

> and less 'flexible' than loop-AES (the changing 
> passphrase thing, for example).

Any other example?

> Well, technically, anything can be cracked given enough time and 
> computing power.

Yep.

Alexander Skwar
-- 
Men of peace usually are [brave].
		-- Spock, "The Savage Curtain", stardate 5906.5

* Re: [gentoo-user] Encripting /home
  2005-07-28 15:56       ` Pupeno
  2005-07-28 18:10         ` Richard Fish
@ 2005-07-29 21:49         ` Alexander Skwar
  1 sibling, 0 replies; 23+ messages in thread
From: Alexander Skwar @ 2005-07-29 21:49 UTC (permalink / raw
  To: gentoo-user

Pupeno wrote:
> On Thursday 28 July 2005 02:54, Richard Fish wrote:
>> Pupeno wrote:
>> >> I use dm-crypt from the kernel....
>> >
>> > I've read that it is insecure and I also read that it is not yet very well
>> > supported.
>>
>> Dm-crypt is fairly well supported, since it is in the kernel, but I find
>> it to be harder to set up and less 'flexible' than loop-AES (the changing
>> passphrase thing, for example).
>
> I know it is in the kernel, but I've read that there weren't good userland
> tools to work with dm-crypt.

Well, there's only cryptsetup. It does all that's needed, is easy
to use and flexible enough (for me).

What's bad about cryptsetup?

> Maybe that has changed and Gentoo's userland 
> tools can work with dm-crypt, what's the status of that ?

?

>> Well, technically, anything can be cracked given enough time and
>> computing power.
> Yes, ok. I should have added a 'practically' there somewhere.

Yep. And passphrases are *practically* just as unbreakable - if
they are long and difficult enough. Like:

b^m&oe-.bw28Ge^[3Ru:M&{0KR[es<~#$TY~VRe+jJ{t0Ko+VSUeuW$e?'@hj!=]I^fa.lJ;&lh4z}?-D5xBQ)"F!W7fZ%X;7j'x[-:&*_yZ6aGw`ZdIu-z|@,;3rP4'+np]pis47I;\9z|SqLHHhv

Alexander Skwar
-- 
A man is like a rusty wheel on a rusty cart,
He sings his song as he rattles along and then he falls apart.
		-- Richard Thompson

* Re: [gentoo-user] Encripting /home
From: Richard Fish @ 2005-07-30  7:13 UTC (permalink / raw
  To: gentoo-user

Alexander Skwar wrote:

> Pupeno schrieb:
>> On Wednesday 27 July 2005 20:54, Luigi Pinna wrote:
>>> I use the dm-crypt from the kernel....
>> I've read that it is insecure 
>
> Where? And how is it insecure?

Some history:

The original crypto-loop from 2.4 is very susceptible to watermark 
attacks, where the attacker can write known data to the disk, and look 
at the encrypted results, and then calculate the key from the two.  
Actually, the attacker doesn't even need to write data to the disk if he 
can make a good guess at what a particular block already contains, such 
as with filesystem superblocks.

Dm-crypt has some protection against this by using the sector number of 
the disk as an IV (initial vector) for the hash.  This makes the attack 
more difficult, but not impossible, because the sector number is very 
predictable.

loop-AES can provide much more secure protection against watermark 
attacks in 'multi-key mode' by using a set of 64 keys that are rotated 
for the encryption.  So an attacker must crack 64 keys, instead of just 1.

So dm-crypt today provides the same level of security as loop-AES in 
single key mode, which as I already stated in a previous email, should 
be sufficient for most people.  However, you did ask how it was 
insecure!  :-)

-Richard

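An added Go model of the IV point made above (not code from this thread, from dm-crypt or from loop-AES): "plain" uses the sector number itself as the CBC IV, while "essiv" (the mode cryptsetup later made its default; an assumption, it is not mentioned in the thread) encrypts the sector number under a hash of the volume key. watermarkLeaks checks whether someone who knows the IV rule but not the key can make two sectors' first ciphertext blocks collide, which is what a watermark relies on; the key is constructed for the demo.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// plainIV models dm-crypt "plain": the 32-bit sector number, little-endian, zero-padded.
func plainIV(sector uint64) []byte {
	iv := make([]byte, aes.BlockSize)
	binary.LittleEndian.PutUint32(iv, uint32(sector))
	return iv
}
// essivIV models "essiv:sha256": the sector number encrypted under a hash of the key.
func essivIV(key []byte, sector uint64) []byte {
	h := sha256.Sum256(key)
	blk, _ := aes.NewCipher(h[:])
	iv := plainIV(sector)
	blk.Encrypt(iv, iv) // in place: dst and src may overlap exactly
	return iv
}
// encryptSector is AES-CBC over one 512-byte sector (a model, not dm-crypt's own code).
func encryptSector(key, iv, plain []byte) []byte {
	blk, _ := aes.NewCipher(key)
	out := make([]byte, len(plain))
	cipher.NewCBCEncrypter(blk, iv).CryptBlocks(out, plain)
	return out
}
// watermarkLeaks: someone who knows the IV rule but not the key writes two sectors whose
// first blocks differ by the public IV difference; colliding ciphertext blocks mean a leak.
func watermarkLeaks(key []byte, ivFor func(uint64) []byte) bool {
	s0, s1 := uint64(10), uint64(11)
	p0, p1 := bytes.Repeat([]byte{0x41}, 512), bytes.Repeat([]byte{0x41}, 512)
	g0, g1 := plainIV(s0), plainIV(s1) // the guess assumes the plain rule
	for i := 0; i < aes.BlockSize; i++ {
		p1[i] = p0[i] ^ g0[i] ^ g1[i]
	}
	c0 := encryptSector(key, ivFor(s0), p0)
	c1 := encryptSector(key, ivFor(s1), p1)
	return bytes.Equal(c0[:aes.BlockSize], c1[:aes.BlockSize])
}

func main() {
	key := bytes.Repeat([]byte{0x7a}, 32) // constructed demo key (AES-256)
	fmt.Println("plain leaks:", watermarkLeaks(key, plainIV))
	fmt.Println("essiv leaks:", watermarkLeaks(key, func(s uint64) []byte { return essivIV(key, s) }))
}
```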

* Re: [gentoo-user] Encripting /home
From: Alexander Skwar @ 2005-07-30  7:31 UTC (permalink / raw
  To: gentoo-user

Richard Fish schrieb:

> So dm-crypt today provides the same level of security as loop-AES in 
> single key mode, which as I already stated in a previous email, should 
> be sufficient for most people.  However, you did ask how it was 
> insecure!  :-)

Yep, I did ask and I wish to thank you for your explanation!

If I understood you right, the statement that dm-crypt is insecure
is, as far as the usage pattern of most of the users will go, nothing
but FUD. The statement should at least go like "dm-crypt & loop-AES
are all insecure, if used in default mode".

Thanks!

Alexander Skwar
-- 
You know you're using the computer too much when:
u hand in assignments with u and y instead ot you and why
	-- DEaigo

* Re: [gentoo-user] Encripting /home
From: Richard Fish @ 2005-07-30  8:12 UTC (permalink / raw
  To: gentoo-user

Alexander Skwar wrote:

> Richard Fish schrieb:
>> Pupeno wrote:
>>>> I use the dm-crypt from the kernel....
>>> I've read that it is insecure and I also read that it is not yet very well 
>>> supported.
>> Dm-crypt is fairly well supported, since it is in the kernel, but I find 
>> it to be harder to setup
>
> hard to setup? How? What's hard about it?
>
> You just encrypt the block device and create an fs on it.
>
> /sbin/lvcreate -nToBeEnc -L5g sys	\
> 	&& echo 'sekret' | /bin/cryptsetup create Crypted /dev/sys/ToBeEnc	\
> 	&& mkfs -t reiser4 /dev/mapper/Crypted	\
> 	&& mount /dev/mapper/Crypted /some/where
>
> Obviously, the lvcreate and mkfs steps are just a one time step :)

First, I did not say dm-crypt was "hard to setup".  I said I find it 
harder to set up than loop-AES.  Please quote me correctly. :-)

Have you used both loop-AES and dm-crypt?  I have.

If you want to know what, specifically, I find more difficult about 
cryptsetup, it is the documentation.  The grand sum of documentation 
available for dm-crypt/cryptsetup after doing an 'emerge cryptsetup' is 
"cryptsetup --help".  Not terribly informative compared to "man losetup" 
or /usr/share/doc/loop-aes-3.0d/README.gz.

And yes, I know there are better guides online, but it is not always 
possible to go online.

Also, I wanted to be able to change my password.  With loop-AES, this is 
a simple matter of re-encrypting my key file with a new password.  
cryptsetup makes this more difficult.  Not impossible, just more difficult.

<advice>
Also, echoing your password on a command line to cryptsetup is an 
extremely bad idea.  If an attacker happens to be on your system at that 
moment, a simple 'ps' will show them your passphrase.  Even if you are 
not worried about that, you should still take special precautions 
regarding the shell history file.  Otherwise all someone has to do is 
crack your system while it is up and cat your .bash_history file.
</advice>

>> and less 'flexible' than loop-AES (the changing 
>> passphrase thing, for example).
>
> Any other example?

Sure:

o Ability to specify encryption parameters in fstab.
o Automatic cleanup of the encrypted device when the filesystem is 
unmounted.
o Additional security options, if someone really requires them.

-Richard


* Re: [gentoo-user] Encripting /home
From: Richard Fish @ 2005-07-30  8:55 UTC (permalink / raw
  To: gentoo-user



Alexander Skwar wrote:

>Richard Fish schrieb:
>
>  
>
>>So dm-crypt today provides the same level of security as loop-AES in 
>>single key mode, which as I already stated in a previous email, should 
>>be sufficient for most people.  However, you did ask how it was 
>>insecure!  :-)
>>    
>>
>
>Yep, I did ask and I wish to thank you for your explanation!
>
>If I understood you right, the statement that dm-crypt is insecure
>is, as far as the usage pattern of most of the users will go, nothing
>but FUD. 
>

Yep, FUD, or based on very outdated information, as early versions of 
dm-crypt had the same vulnerability as cryptoloop.

-Richard


* Re: [gentoo-user] Encripting /home
From: Hani Duwaik @ 2005-07-30 14:39 UTC (permalink / raw
  To: gentoo-user

I'm not sure if anyone has covered this, but the following pdf was
very useful for me to encrypt my home dir:

www.flyn.org/docs/ehd.pdf

The interesting part was using openssl to encrypt the key and then
using your account's linux password to encrypt the openssl file.  This
way, you can change your account password without having to change
the encrypted filesystem password/key (in the example, they create a
very random key for the encrypted filesystem and then use pam_mount to
automatically decrypt and mount the filesystems during login).

HTH,

-Hani

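The key-wrapping idea Hani describes, as an added Go example that is not code from the linked PDF, from openssl or from pam_mount: a random volume key (the one the encrypted filesystem would actually use) is sealed under the login password, and changing the password only re-wraps that key. PBKDF2-HMAC-SHA256 and AES-256-GCM stand in for openssl's password-based encryption; the iteration count and the 16-byte salt / 12-byte nonce layout are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
)

// deriveKey is PBKDF2-HMAC-SHA256, one 32-byte block (stand-in for openssl's password KDF).
func deriveKey(password, salt []byte) []byte {
	prf := hmac.New(sha256.New, password)
	prf.Write(append(append([]byte{}, salt...), 0, 0, 0, 1)) // U1 = PRF(P, S || INT(1))
	u := prf.Sum(nil)
	out := append([]byte(nil), u...)
	for i := 1; i < 100000; i++ { // assumed round count; U_i = PRF(P, U_{i-1}), T = XOR of all U_i
		prf.Reset()
		prf.Write(u)
		u = prf.Sum(nil)
		subtle.XORBytes(out, out, u)
	}
	return out
}
// aead returns AES-256-GCM keyed from the password and salt (32-byte key, so NewCipher cannot fail).
func aead(password, salt []byte) cipher.AEAD {
	blk, _ := aes.NewCipher(deriveKey(password, salt))
	gcm, _ := cipher.NewGCM(blk)
	return gcm
}
// WrapKey seals the random volume key under the login password: salt(16) || nonce(12) || ciphertext+tag.
func WrapKey(volumeKey, password []byte) ([]byte, error) {
	hdr := make([]byte, 28) // fresh random salt and nonce for every wrap
	if _, err := rand.Read(hdr); err != nil { return nil, err }
	return aead(password, hdr[:16]).Seal(append([]byte(nil), hdr...), hdr[16:], volumeKey, nil), nil
}
// UnwrapKey recovers the volume key; a wrong password fails GCM authentication instead of yielding garbage.
func UnwrapKey(wrapped, password []byte) ([]byte, error) {
	if len(wrapped) < 28 { return nil, errors.New("wrapped key too short") }
	return aead(password, wrapped[:16]).Open(nil, wrapped[16:28], wrapped[28:], nil)
}
// ChangePassword re-wraps the same volume key under a new password; the filesystem key itself never changes.
func ChangePassword(wrapped, oldPw, newPw []byte) ([]byte, error) {
	vk, err := UnwrapKey(wrapped, oldPw)
	if err != nil { return nil, err }
	return WrapKey(vk, newPw)
}
```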

* Re: [gentoo-user] Encripting /home
From: Alexander Skwar @ 2005-07-31 11:53 UTC (permalink / raw
  To: gentoo-user

Richard Fish schrieb:
> Alexander Skwar wrote:
>> Richard Fish schrieb:
>>> Pupeno wrote:
>>>>> I use the dm-crypt from the kernel....
>>>> I've read that it is insecure and I also read that it is not yet very well 
>>>> supported.
>>> Dm-crypt is fairly well supported, since it is in the kernel, but I find 
>>> it to be harder to setup
>>
>> hard to setup? How? What's hard about it?
>>
>> You just encrypt the block device and create an fs on it.
>>
>> /sbin/lvcreate -nToBeEnc -L5g sys	\
>> 	&& echo 'sekret' | /bin/cryptsetup create Crypted /dev/sys/ToBeEnc	\
>> 	&& mkfs -t reiser4 /dev/mapper/Crypted	\
>> 	&& mount /dev/mapper/Crypted /some/where
>>
>> Obviously, the lvcreate and mkfs steps are just a one time step :)
> 
> First, I did not say dm-crypt was "hard to setup".  I said I find it 
> harder to set up than loop-AES.

Yes, you're right. But since dm-crypt is so easy to setup with
cryptsetup, I can't imagine how much more easy you want to have
it.

> Have you used both loop-AES and dm-crypt?  I have.

No. dm-crypt is good enough for me. No need for something else.

Is it possible to encrypt the complete block device with loop-AES?
Or does it only encrypt a file that's afterwards loop mounted?

> If you want to know what, specifically, I find more difficult about 
> cryptsetup, it is the documentation.

Well.

>  The grand sum of documentation 
> available for dm-crypt/cryptsetup after doing an 'emerge cryptsetup' is 
> "cryptsetup --help".

Well. I didn't need more.

> And yes, I know there are better guides online, but it is not always 
> possible to go online.

Well. Download the stuff and print it, or something. For me, it's
always possible to go online.

> Also, I wanted to be able to change my password.  With loop-AES, this is 
> a simple matter of re-encrypting my key file with a new password.  
> cryptsetup makes this more difficult.  Not impossible, just more difficult.

Well, no. It IS impossible. You need to create a new crypted device.

> <advice>
> Also, echoing your password on a command line to cryptsetup is an 
> extremely bad idea.  If an attacker happens to be on your system at that 
> moment, a simple 'ps' will show them your passphrase.

How?

/bin/cryptsetup < file-with-passphrase

Where does the attacker see the passphrase?

Oh. You took my example way too literally. *echo*ing the password
is an extremely bad idea. You're of course right. But in reality
I of course don't do that. Further, I said that the password can
be piped to cryptsetup.

Alexander Skwar
-- 
 Paul: Good way to avoid frostbite, folks, put your hands between
 your buttocks. That's nature's pocket.

* Re: [gentoo-user] Encripting /home
From: Luigi Pinna @ 2005-07-31 12:07 UTC (permalink / raw
  To: gentoo-user

At 13:53, Sunday 31 July 2005, Alexander Skwar wrote:
> How?
>
> /bin/cryptsetup < file-with-passphrase
>
> Where does the attacker see the passphrase?
>
> Oh. You took my example way too literally. *echo*ing the password
> is an extremely bad idea. You're of course right. But in reality
> I of course don't do that. Further, I said that the password can
> be piped to cryptsetup.

I did it: 
I wrote in /etc/conf.d/local.start:
echo
ebegin "Loading Shared device"
/root/cshared.sh
eend $? "Failed to load Shared device"
and the script cshared.sh is:

#!/bin/bash
/bin/cryptsetup -h ripemd160 -c aes create disc_hda /dev/hda3
/bin/mount /shared

During boot, the system stops at the local init service and waits for your 
password; just press enter and the system continues to boot!
Luigi
-- 
Public key GPG(0x073A0960) on http://keyserver.linux.it/


* Re: [gentoo-user] Encripting /home
From: Richard Fish @ 2005-07-31 12:58 UTC (permalink / raw
  To: gentoo-user

Alexander Skwar wrote:

> Is it possible to encrypt the complete block device with loop-AES?
> Or does it only encrypt a file that's afterwards loop mounted?

Yes.  Everything that can be encrypted with dm-crypt can also be 
encrypted with loop-AES.

For example, my laptop has two hard drives.  I have a raid0 array with 
hda2 and hdd2.  Loop-AES encrypts /dev/md0, giving me /dev/loop/0.  That 
in turn is a physical volume for LVM2, which gives me the logical 
devices for all of my filesystems (except /boot, obviously) and swap.

> Oh. You took my example way too literally. 

Yep. :-)

Cheers,

-Richard

