Fedora Security :: Change Passphrase For A Crypted Partition In F14?
Apr 4, 2011How to change the passphrase for crypted partitions in F14?
View 1 Replies
ADVERTISEMENT
Fedora Security :: Crypted Tmp And Swap In Fstab?
Mar 13, 2009I'd setup my new notebook letting auto-crypt swap and temp - temp for /tmp and /var/tmp - using /etc/crypttab. So I made into cryptab following:
swap /dev/sda6 /dev/urandom swap,cipher=aes-cbc-essiv:sha256
tmp /dev/sda7 /dev/urandom tmp,cipher=aes-cbc-essiv:sha256
vtmp /dev/sda9 /dev/urandom tmp,cipher=aes-cbc-essiv:sha256
[code]....
Security :: Encrypted Partition Get Mounted Without Being Asked For Passphrase?
Sep 20, 2010Hello everI'm really confused by the ways an encrypted partition get mounted.It just mounts the partition without asking for the passphrase used to create it. I can list the files in /mnt/sda2, create a new file test.txt, but have no access to the files written to the "real encrypted partition".Then I can see/change the content of the encrypted partition but without being able to see/change the file test.txt created previously with the normal mount command.
The reason I'm asking is that I'm having my custom Debian to automount every partition available on the system at boot time. Is there any way/command to tell if a particular partition is encrypted (by cryptsetup) or not? So that I can mount it the right way and not make the users confused (or even harm the encrypted data).
Security :: Change Login Passphrase (to Unlock Encrypted Home Directory)
Nov 21, 2010I just installed the testing version of Debian with the option to setup encrypted home directories. I used a passphrase that I now want to change to something else. How do I do that?
View 4 Replies View RelatedFedora Security :: Use A Passphrase - Not A Password
Feb 9, 2010Simply, the number of possible combinations of passwords increases as an exponent of the number of characters used and as a factor of the number of characters available for use.
26 potential characters for a 2 character password results in 26^2 possible password combinations. This means that each new character added would result in an "order of magnitude" increase in the difficulty of brute force attack.
Using a phrase, complete with punctuation and capitalization is the very best mnemonic device to remember a password. Consider this, how hard is it to remember; The quick brown fox jumped over the lazy dog.
Than it is to remember, l33tsp34kp@ssw0rd
If we pretend that both of these passphrases are generated from a character set consisting of 26 characters, the first would be one of a possible 15274273784216769021564085930704478424313742483024 510976. The second would be one of a possible 1133827315385150725554176.
In short, use a passphrase not a password, they are much MUCH more secure.
Fedora Security :: Disk Encryption With Remote Passphrase?
Jul 28, 2009I have currently a file server that runs on Fedora 9, and all other PCs (mostly running Windows XP) access the file server via SAMBA. Everything works perfectly! However, lately a home invasion in my neighborhood got me thinking. If they take my file server, my data is not protected. So, I would like to implement the LUKS partition encryption (/home) which sits on a separate disk. However, I don't quite like the decryption process at boot time. In other words, I would like to wake up the file server (WOL) remotely, and when it's done booting, I would like to log-in using the other PCs and enter the passphrase remotely to decrypt /home. Is this possible using LUKS encryption (i.e., cryptsetup)? If not, what would be another alternative to what I am trying to do using a secure encryption (so that the data is safe from thieves)?
View 4 Replies View RelatedFedora Security :: Disable Prompting For Passphrase At Boot
Feb 8, 2011I have an encrypted disk, using LUKS / dm-crypt, on Fedora 14.Every time I boot, I am immediately prompted for the passphrase. This happens VERY early in the boot process, and is a graphical screen (ie not console text). If I hit escape, I am prompted in a text-mode for the same passphrase. If I hit escape or return a few times, boot continues normally.
I only mount the disk occasionally, and don't want to be prompted at boot for the passphrase to luksOpen the disk at boot. I manually cryptsetup luksOpen and then mount it when I want access. I just don't want to be asked at boot, and don't want to unlock it until I do so manually.Does anyone how how I can tell Fedora to not attempt to decrypt / mount this filesystem at boot?It's not in /etc/fstab. I should mention, no LVM, just mdadm raid5 on the partition + luks /dm-crypt.
Ubuntu Security :: Error - No Key Available With This Passphrase.
Sep 2, 2010I'm trying to add a key to a new slot from a keyfile that I created, but I keep getting an error and I don't know what the problem is.
Code:
root@ubuntu:~# cryptsetup luksAddKey --key-slot 1 /dev/sda5 -d /media/Ubuntu_10_04/etc/cryptkeys/swap.key
No key available with this passphrase.
content of swap.key
Code:
nBPeNCr_PS-yEv5SYEyyzaEextllDLo7aHs7yZGW9dtC48GDlte6WYQe7iG2poJr84U6twxu1DImZcyoBPB1q1AjYAanPsre7qLr7VnN4G6u1x_WG-sja6U_pvnks9CTgcD4UmfBw9mkrU3YY4GknQXtpLvkiBkM1soJ0SYYQ2r-7CDZJvaiYJb9eOKKbMsjlrEG39IBdQwdcEp3D7PK5paTYZdVHU2ygrJvJy-sJly4oqb2274DO8hbYviQsPdawetglkhhhhhhh98h4erwjerfkasjnfhsahfocLnBPeNCr_PS-
[code]....
Security :: Gpg - Passphrase Goes Interactive With V1.1.8-4.fc13
Aug 4, 2010I need an non-interactive, symetric, passphrase mechanism that can be used on machines beyond my sys-admin control. Currently, I use the Python code (with variants):
Stat, Output = commands.getstatusoutput(
"gpg -c --passphrase=%s '%s'"%(Password, TarFileName))
to encrypt and decrypt files (tar balls). The "Password" is generated by a Python code on a singular removable flash drive. It worked with FC11 and Windows, but with FC13 I get an interactive dialog, which gets canceled, and then: can't connect to `/home/{a user id}/.gnupg/S.gpg-agent': No such file or directory
gpg-agent[3432]: command get_passphrase failed: Operation cancelled
gpg: cancelled by user
gpg: error creating passphrase: Operation cancelled
gpg: symmetric encryption of `testdata' failed: Operation cancelled
The operator does not know the pass phrase. This is a single user mechanism which relies upon the mounting of the special flash drive to work. The application is portable across many platforms and hosts, but can only be used by the possessor of the flash drive.
Security :: How To Enable Passphrase For Access Via Ssh?
Apr 21, 2011How can I enable passphrase along with the password for login via ssh ? In that whenever I login from server A to server B via ssh, it should ask me for a password and then passphrase to allow me access.
OR
Can we have multiple passwords to login via ssh ?My basic need is to have 2 levels of password.
Ubuntu Security :: Root Encryption Without Passphrase?
Sep 5, 2010i have installed a ubuntu 10.04 (mini iso) w/ option of root encryption. Now i need to boot without ask for passphrase, but im trying to add a luks keyfile without success.i want to use a keyfile in the /boot partition or inside the initrd (cant be in external pendrive), but ubuntu aparently dont accept a keyfile in /boot or initrd file. I know, this way isnt very security, but i just need a basic encryption.So, how to force the use of a keyfile in /boot or inside the initrd for a crypt root partition?
View 5 Replies View RelatedUbuntu :: Change Passphrase Login Screen
Jul 31, 2011Is there a way to change the passphrase login screen? It would be cool to change the background and edit the text?
text : Cryptsetup: evms_activate is not avaible
Unlocking the disk /dev/blablablabla
enter passprase
Security :: Increasing The Strength Of A Key- Ssh-keygen -t Rsa -b 2048 Without A Passphrase
Jun 8, 2010I was wondering whether increasing the strength of a key by increasing the number of bits in the key to 2048 makes any sense if I want to leave the passphrase blank anyway? I'm setting up passwordless ssh logins on my LAN as I'm a bit tired of constantly being asked for a password.
View 7 Replies View RelatedOpenSUSE Install :: Change Encrypted Swap Passphrase?
Feb 23, 2011I've chosen to encrypt my swap partition while I was installing opensuse 11.3 on my PC.
I want to know how I can change its password(passphrase)?
Ubuntu Security :: Changed Password But Didn't Update Passphrase
Apr 19, 2011When I set up an ID in Ubuntu, I encrypted it. I did a print screen of the passphrase and put it on the desktop. I'm just learning how to use the encryption so don't fault me for putting it right on the desktop. There is no important data in this ID. Now, I went and changed my password to the account. On the next boot, I got a few error message:
Could not update ICEauthority file /home/mickymouse/.ICEauthority
There is a problem with the configuration server /usr/lib/libconf2-4/gconf-sanity-check-2 exited with status 256 In researching these, it looks like the problem is that I changed the password but didn't update (or something) my passphrase.
I can't boot into the GUI but I have figured out how to boot to a command prompt. I don't have access to my home directory because I don't have my passphrase. Am I toast or is there a way to recover / update the passphrase?
Ubuntu :: Logging Into Netgear Router Setup After Passphrase Change?
Jun 29, 2010I changed the passphrase in my Netgear WNR3500 router. I got the teenager's win7 netbook back online (wireless) no prob by simply changing the security key in windoze and it didn't effect my connectivity but when I attempt to enter my router setup by entering my local IP nothing happens, no response at all. I've rebooted twice and my connection is still very solid but I cannot access the router setup. The ONLY change I made was in the router's "passphrase".Not a big emergency at this point I suppose but I need to know what I need to change in Linux? Or to rephrase, in windoze7 passphrase=security key. In Linux?I can just reset the silly thing I guess but was kind of hoping I wouldn't have to and besides I anticipate the same trouble when setting the passphrase afterward.
View 1 Replies View RelatedSecurity :: Debian Shows File Permissions Change When Copied To A Windows Partition?
Dec 10, 2010Some time back using this computer a SucKit rootkit was found. Having dd urandomed the drive, flattened CMOS battery, flashed BIOS, run Knoppix live CD 6.1,using no flat pack battery (laptop), and memtested the RAM, I am still having problems with what I suspect is a javascript file that tries to reload the rootkit from? firmware. I suspect the firmware as everything else should have eradicated it??
Also it or a hacker via a backdoor then corrupts the drivers so devices malfunction. Windows security programs and rootkit detectors don't seem to pick it up. Fresh install of Windows or linux after the above still show this problem, though internet not used. The person who admitted rootkitting this machine is capable of writing java programs or using javascripts to do all this.
When viewed using Ubuntu 8.4 files and dates on a Windows partition appear normal both in file manager and terminal. However booting using Knoppix CD these files are all green, and I cannot change their permissions, even as root. ie: everything is green including text files etc. If I copy them to a linux partition, I can change their permissions and make them nonexecutable and nonwritable. Also on the Windows FAT32 partition the . directory has the date 1 Jan 1970.
If I disable any green files, I can shutdown and reboot cleanly. If I don't I start having problems shutting down [/usr/sbin/init ?] And always these follow a pattern:
Can't remember details as I have now corralled the beast but error messages relating to:
nfs-server
inet.d/statd
are the start of these.
Fedora Security :: Security Risk Of An Unencrypted /boot Partition?
Apr 8, 2009During a recent install I made the leap to encryption,but /boot must remain unencrypted.Is there really any legitimate security risk to having an unencrypted /boot partition? I mean basically someone can just see what kernel you're running which they could see during boot anyways right? Oh I and keep all my financial documents in /boot/finances/ (haha ok not really, but I am serious about the first part).
View 5 Replies View RelatedFedora :: How To Removing Passphrase From RSA Private Key?
Sep 9, 2010I am using Fedora 13 x64.I want to removing passphrase from the RSA Private Key then harden the decrypted Private Key.When I tried section 6.6 guide line, I get directory does not exist?I don't know where my server.key is stored.
View 1 Replies View RelatedFedora :: Make KDM Not Prompt Me For SSH Passphrase?
Jul 7, 2010Every time I log in to my Fedora 13 system, I am prompted for my SSH pass phrase.
I would like to be prompted the first time I login after booting, but then have ssh-agent continue to run until I kill it or shutdown so I don't have to be prompted every time.
Where do I configure this?
Ubuntu Installation :: Restore A Backup On Dm-crypted LVM
Jun 7, 2011I have an encrypted volume, which contains LVM volume group with volumes. I have unencrypted /boot and the rest is on that encrypted lvm. I have a backup I want to revert to, but that backup has a different kernel, and I don't know how to update the /boot since I have suspicions that the system won't boot if I just restore / . I think I need to run update-initramfs and grub-install at some point..
View 9 Replies View RelatedSlackware :: Cannot Mount Dev/mapper/crypted-drive?
Feb 18, 2010Well as you can see from my sig I am running Slack 13 and unfortunately did not discover the readme_crypt.txt on the installation cd until it was far too late. Not to worry, many hours burned and things learned.So I compiled and installed cryptsetup and for my test encryption I am using an external usb harddrive (sdb3).First off cryptsetup kept segfaulting with the luksFormat command and this seems to be a know bug. The workaround it to pass USE="dynamic" to config before you build the package. Then
Code:
# cryptsetup.dynamic -h sha512 --verify-passphrase luksFormat /dev/sdb3 test-crypt
# cryptsetup luksOpen /dev/sdb3
[code]....
Fedora Servers :: Ssh Authentication With Passphrase+password?
Jul 19, 2011We have small requirement, we need to connect to ssh server through ey+Passphrase+password. Is it possible to configure this type of authentication in any version of openssh/fedora.
View 3 Replies View RelatedFedora :: Log Down The Change Of My Partition?
Mar 7, 2010I installed Fedora in an external hard drive, and encrypted all the file systems by using LUKS except /boot. What I want to implement is, every change on /boot is logged to encrypted file systems, in order to improve the security. I got a peek to audit, but it seems that audit is the tool which can only log down the information immediately. If one day, somebody gets my hard drive, and modifies the kernel or ram disk file, then returns it to me, how can I detect there is a modification on /boot?
One solution I got (which is not pretty good for me) is, I can use dd to make a whole image of /boot to my encrypted partition, and check whether the image and the /boot partition is the same after every boot...
Fedora Security :: How To Change About Permissions
Jun 22, 2009i try to copy file music .oog .wav from Music folder to /usr/share/sounds/freedesktop/stereo but i can't and in folder /stereo i can't manage rename ,cut ,move to trash for all file .ogg when i right click at file to look Properties > at permissions i saw owner : root can not change these permissions
that 's i not understand about owner . and how i can change these permissions ?
Fedora :: Caching Passphrase For Symmetric Encryption In 13 (emacs 23.1)
May 31, 2010I just upgraded to Fedora 13, with emacs 23.1. Now when I edit a .gpg (encrypted) file, emacs doesn't cache the passphrase, so when I save the file emacs demands that I repeat the passphrase twice.Previously, the following line in .emacs made it cache the passphrase:
Code:
(setq epa-file-cache-passphrase-for-symmetric-encryption t) This is supposed to work, according to the documentation [URL], but in Fedora 13 emacs it seems to have stopped working.
Fedora X86/64bit :: Find A Prompt For The Same Passphrase For The IDE Drive?
Aug 12, 2011I recently was given a system with an ASUS A8V motherboard, AMD Athlon 64 3000+ 1.8GHz CPU and one 60 GB SATA disk to which I added a 120GB IDE disk. As the disks are on different (built-in) controllers and are different speeds, I set up /boot, root and swap on the SATA disk, and then one big /home partition on the IDE drive, using the custom partitioning. If I install Fedora 15 32 bit (from DVD) with encryption enabled, I get prompted for the encryption passphrase during bootup as I would expect. If I install Fedora 15 64 bit (from DVD), I get that same prompt and the boot hangs. I can then bring up a serial console where I'll find a prompt for the same passphrase for the IDE drive. I can enter it and the boot will proceed.
I am now running F15 64 without encryption; I would like to get encryption working again but without having to enter the passphrase twice. Plus I figure that this *should* work the same under both the 64 and 32 bit versions. I have had to reinstall this system a few times, using both versions -- the behavior has been consistent.
Red Hat / Fedora :: Change Bootable Partition?
Jun 1, 2010changing the bootble parttion in linux using lilo. Presently when i boot the system i will be booting from primary partition(/dev/sda1) . Is there any commando to change the bootable partition to secondary(/dev/sda2)
View 6 Replies View RelatedUbuntu Installation :: Crypted Disk Not Mounted Anymore After Upgrade
Dec 22, 2010After upgrade from 10.04 to 10.10 I can't mount anymore my crypted disk image.I've an old backup of this image, but when I try to mount it, system give me same errors.
View 2 Replies View RelatedFedora Security :: How To Change Password Complexity
Aug 26, 2009I want to change the password complexity how do i do this?
View 9 Replies View Related
