OpenSUSE Install :: Change Encrypted Swap Passphrase?
Feb 23, 2011I've chosen to encrypt my swap partition while I was installing opensuse 11.3 on my PC.
I want to know how I can change its password(passphrase)?
ADVERTISEMENT
Security :: Change Login Passphrase (to Unlock Encrypted Home Directory)
Nov 21, 2010I just installed the testing version of Debian with the option to setup encrypted home directories. I used a passphrase that I now want to change to something else. How do I do that?
View 4 Replies View RelatedGeneral :: How To Use USB Key For Passphrase For Encrypted / Data?
May 18, 2011I would like to use a USB key to hold the passphrase for an encrypted /Data partition. A forum search turned up only using that method for / which requires initrd. That's not what I'm after.In openSUSE 11.4 I want to boot normally and then automatically unlock the /Data partition only if the USB key is inserted. I'm assuming this would require some kind of automounting after or during the boot process.
View 1 Replies View RelatedSecurity :: Encrypted Partition Get Mounted Without Being Asked For Passphrase?
Sep 20, 2010Hello everI'm really confused by the ways an encrypted partition get mounted.It just mounts the partition without asking for the passphrase used to create it. I can list the files in /mnt/sda2, create a new file test.txt, but have no access to the files written to the "real encrypted partition".Then I can see/change the content of the encrypted partition but without being able to see/change the file test.txt created previously with the normal mount command.
The reason I'm asking is that I'm having my custom Debian to automount every partition available on the system at boot time. Is there any way/command to tell if a particular partition is encrypted (by cryptsetup) or not? So that I can mount it the right way and not make the users confused (or even harm the encrypted data).
Ubuntu :: Auto Mount Encrypted Volume Using Login Passphrase?
May 3, 2010I recently installed Ubunutu 10.04 Netbook Remix onto a Dell Vostro A90. During install I selected "Require my password to log in and to decrypt my home folder", and this is working great.
What I would like to figure out, is how to have a second encrypted volume that lives on my SD Card that is also decrypted automatically upon login.
I've tried a variety of things, but they all require me to re-enter my password at some point during the boot/login, once for user login and the other time to decrypt/mount the volume. I am trying to avoid this, and hopefully will only have to enter my password once. Maybe I can piggyback on the default Ubunutu home directory decryption and make it all appear seamless?
OpenSUSE Install :: Swap Partition : Need To Check Swap File System?
Mar 20, 2011Does one need to Check the Swap filesystem, from time to time
View 4 Replies View RelatedUbuntu :: Encrypted Swap Partition?
Jul 1, 2010I read an article earlier that suggested the swap partition is encrypted by default if you select an encrypted /home folder during installation, is that true (for Lucid)? I am suspecting it isn't because my hibernation works, which I believe shouldn't be the case?
View 3 Replies View RelatedFedora :: Change Size Of Boot And Swap Without Doing A Fresh Install?
May 11, 2011I know its a long shot, but still...
Is it possible to change size of boot and swap without doing a fresh install?
this is how my volume dist is like - root -30 gb, boot 200 mb, swap 8gb, home - 110 gb
my laptop is an amd turion dual core TL-58, with 2 gb ram and 160 gb hard disk...
and i want to change it to what is generally recommended ie boot to 500mb or 1 gb and swap to 4 gb..
the remaining can be added to home...
Ubuntu :: Encrypted Swap And Suspend-to-disk
Feb 15, 2010I have installed ubuntu via the alternate installer, activating encrypted home directories, which in turn enabled to have encrypted swap partitions and disabled hibernation (suspend-to-disk). I understand the arguments for having an encrypted swapspace in these cases. However, I'd like to be nevertheless able to hibernate. Now that the system is already set up, I cannot change and completely encrypt my harddisk via LUKS+LVM as it is suggested in numerous places.Instead, I tried the following. I created two swap partitions (sda7 and sda: one being encrypted via cryptsetup, to be used as a 'real' swap (sda7). Another without encryption, which is not listed in /etc/fstab, so that it is not normally used by the system. I have then configured uswsusp in order to use sda8 as a resume partition:
[code]...
I have decided to encrypt the resume image - I don't care entering a password once every time I resume, it just shouldn't be at every boot. And this way, I can have hibernation without the uncomfortable solution of having my decrypted, open files on the disk as clear text. However, as sda8 is not 'mounted' when I want to suspend, I get the following error:
[code]...
When I try to suspend now, it works. The image seems to get correctly written to sda8. However, on reboot, the image does not seem to be detected and the system is not resuming. I end up with a fresh login screen. would be also to unmount sda8 upon resume, is this better done by entering a hook in /etc/pm/sleep.d or can I just continue in the wrapper script above by executing s2disk.unwrapped only by calling it (without 'exec'), and entering a swapoff line behind it?
Ubuntu Security :: Encrypted Swap Misconfiguration - Again
Feb 21, 2011i started on the "Installation & Upgrades" Forum. So this is basically a repost. I configured an encrypted swap during the installation process of my kubuntu maverick using the manual install CD. I do not use LVM. This worked fine but I made the mistake of assigning a password to the encrypted swap. I would like to change this in favor for a random key. I tried to change /etc/crypttab in the following way:
[code]...
Now the system still asks for a password for sda7_crypt at startup, but does not recognize the old password. It seems that the swap gets a random key and works fine anyway, so I really want to remove only the question for the PW at boot time. This is not a big issue, but it is annoying. When the system is up I can do swapoff and swapon without problems and no password is needed. Directly after boot swap works:
[code]...
Slackware :: File Permission About Encrypted Swap
May 28, 2010I use the follow command to create a encrypted swap:
Code:
bash# echo "cryptswap /dev/sda5 none swap" >> /etc/crypttab
and edit the 'fstab' file :
Code:
/dev/sda6 / ext4 defaults 1 1
/dev/mapper/cryptswap swap swap defaults 0 0
That's work fine, but I found the permission of '/dev/mapper/cryptswap' is like this:
Code:
hello@world:~$ ls -l /dev/mapper/cryptswap
brw-rw-r-- 1 root disk 253, 4 2010-05-28 12:55 /dev/mapper/cryptswap
Other users can read the file '/dev/mapper/cryptswap', does it harm the system's security ?
Ubuntu :: Change Passphrase Login Screen
Jul 31, 2011Is there a way to change the passphrase login screen? It would be cool to change the background and edit the text?
text : Cryptsetup: evms_activate is not avaible
Unlocking the disk /dev/blablablabla
enter passprase
Debian :: Reduce Swap Size On Encrypted Drive?
Apr 30, 2016I installed Debian 8 Jessie with full disk encryption and chose to have everything on the same partition. After install, I notice that my 8GB laptop has a 16GB swap. Is there a way to reduce the swap to 8GB (or maybe 4) whilst not affecting the encryption?
I have a 1TB HDD so space is not an issue but I dislike such waste. The setup used LVM.
Ubuntu :: Stop Bootup Password For Encrypted Swap?
May 8, 2010I've set up a Lucid system with software RAID and encryption, with three encrypted partions - swap (/dev/md1), the root filesystem (/dev/md2), and /home (/dev/md3). The unencrypted /boot partition is /dev/md0.
This works well but the passphrase had to be entered three times at bootup. Obviously it would be preferable to enter the passphrase once to unlock the root partition, then have the others unlocked via key files. So I added key files to the swap and home partitions and modified /etc/crypttab to use them:
Code:
md1_crypt UUID=8066adbc-584c-4766-b188-bc2a7b61a2f0 /root/keys/swap-key luks,swap
md2_crypt UUID=bac82294-f3b9-45e4-89ad-407cf8b19b7b none luks
md3_crypt UUID=7d82a0b7-c811-4cc3-9fe7-1961c74b5ff2 /root/keys/home-key luks
The key files are owned by root and have 0400 protection. (The /root/keys
[Code].....
Since the swap partition is no longer referenced in fstab or crypttab, why is there still a bootup password prompt for it? What else needs to be done to stop it?
Fedora Security :: Change Passphrase For A Crypted Partition In F14?
Apr 4, 2011How to change the passphrase for crypted partitions in F14?
View 1 Replies View RelatedUbuntu :: Logging Into Netgear Router Setup After Passphrase Change?
Jun 29, 2010I changed the passphrase in my Netgear WNR3500 router. I got the teenager's win7 netbook back online (wireless) no prob by simply changing the security key in windoze and it didn't effect my connectivity but when I attempt to enter my router setup by entering my local IP nothing happens, no response at all. I've rebooted twice and my connection is still very solid but I cannot access the router setup. The ONLY change I made was in the router's "passphrase".Not a big emergency at this point I suppose but I need to know what I need to change in Linux? Or to rephrase, in windoze7 passphrase=security key. In Linux?I can just reset the silly thing I guess but was kind of hoping I wouldn't have to and besides I anticipate the same trouble when setting the passphrase afterward.
View 1 Replies View RelatedDebian Installation :: Installer Incorrectly Setting Crypttab For Encrypted Swap?
Oct 29, 2014Setting up a randomly passworded swap partition in Debian installer with the default settings (aes-xts-plain64 w/ AES-256 key strength) gives the following line in /etc/crypttab:
Code: Select all####_crypt /dev/#### /dev/urandom cipher=aes-xts-plain64,size=256,swap
However according to cryptsetup manpage when using XTS mode the key size must be doubled so in effect the 'size=256' parameter above is actually resulting in AES-128 strength, no? To get 256 bit key length the size option should be set to 512. Quote from cryptsetup manpage:
For XTS mode (a possible future default), use "aes-xts-plain" or better "aes-xts-plain64" as cipher specification and optionally set a key size of 512 bits with the -s option. Key size for XTS mode is twice that for other modes for the same security level.
OpenSUSE Install :: System Not Using The SWAP?
Jun 28, 2010I just installed the latest version of opensuse and I just put the RAM and SWAP widget on. I can see the ram meter is working fine but the swap space is always 0. How do I activate the swap so it starts using that space?
View 9 Replies View RelatedOpenSUSE Install :: Can't Reformat Encrypted Filesystem?
Mar 2, 2010I have an encrypted filesystem that I've decided I don't want encrypted anymore. Seems the easiest way to do this is simply reformat the filesystem, but I can't. If I try to do it in YaST2 I get either system error code -3005 (unknown) or -3008 (apparently in use). When I try to do it from the command line I get:
Code:
frylock:/home/joel # umount /dev/sdb5
umount: /dev/sdb5: not mounted
frylock:/home/joel # mkfs -t ext4 /dev/sdb5
mke2fs 1.41.9 (22-Aug-2009)
/dev/sdb5 is apparently in use by the system; will not make a filesystem here!
frylock:/home/joel #
It's unmounted, I don't know how to make it any less in use than that.I can't delete the partition because it's not the last logical partition in the extended partition.
OpenSUSE Install :: Encrypted FS Not Mounting On Boot?
Feb 6, 2011I haven't used encryption previously but through that for better security, I would enable it on one of my disks. I went though the process and when done, copied data to the device etc. My house had a powercut the other day and I noticed that the device did not mount automatically upon restart. Unfortunately, I have forgotten the de-cryption password and have lost access to my data. Is there a way of either recovering my password or getting the partition to mount without the password so I can access the data, copy/back up and then re-create the partition without encryption?
View 2 Replies View RelatedOpenSUSE Install :: How To Remount Encrypted Home
May 21, 2011After update to 11.4, I would like to regain access to my encrypted home that I left intact. Both user.img and user.key files are there, but when I create the same user again in YaST, it does not recognize their presence and it asks again for size of the image. I am afraid it will just overwrite the old image. I do have full backup of hte data, but since its 150GB, I would rather not have to transfer it again.
How can I remount my old encrypted home?
OpenSUSE Install :: Using Shared Swap Files?
Jul 9, 2010Would it cause any problems to use a shared swap partition?Example:
sda1 = swap partition 50 meg
sda2 = / of OpenSuse installation 200 meg
sda3 = / of Fedora installation 200 meg
[code]....
OpenSUSE Install :: Encrypted LVM Boot Hangs After Upgrade
Jul 16, 2010I just upgraded my OpenSuSE 11.2 system to 11.3 and have experienced the following problem:
My hard drive was encrypted beforehand, and after the upgrade(which went smoothly) will no longer decrypt. I type in my passphrase at the prompt, press enter and the start up process never resumes. I am able to access the filesystem from the Rescue System option in the install disk. What's strange is that this worked smoothly on another laptop of mine.
OpenSUSE Install :: Restoring GRUB To A LVM Encrypted Computer?
Jul 27, 2010I am running OpenSUSE 11.3 GNOME, and I recently reinstalled Windows, and it overwrote GRUB. I only have an Ubuntu LiveCD (I installed with the OpenSUSE DVD), how do I get GRUB back? Note that the Ubuntu LiveCD doesn't recognize the LVM Encrypted partition, so I can't mount it.
View 2 Replies View RelatedOpenSUSE Install :: Migrating The Encrypted Home-directory?
Oct 5, 2010I am trying to open an encrypted home directory from opensuse 11.2 with opensuse 11.3. This means i have a user.img and a user.key So far i have done:
losetup /dev/loop3 user.img
cryptsetup luksOpen /dev/loop3 home
Enter passphrase for /dev/loop3:
No key available with this passphrase. At this point it will not accept my passphrase.
A luksDump reveals:
cryptsetup luksDump /dev/loop3
LUKS header information for /dev/loop3
[code]....
When i try to use the key file, i get:
cryptsetup luksOpen /dev/loop3 home --key-file home.key No key available with this passphrase.
OpenSUSE Install :: Setting Up An Encrypted Home Directory?
Dec 12, 2010I am having a problem setting up an encrypted home directory with openSUSE 11.3. I used Yast User and Group Management to edit an existing user to encrypt the home directory and the user.key and user.img files were created in the /home directory. I tried it out and logged in as user and created a new file. I logged out and logged in as a different user and was able to see the newly created file in the first users home directory.
I figured I did something wrong so I went back to Yast and deleted the user. I deleted the /home/user directory using file manager su mode. I tried again to create a new user with an encrypted home directory using Yast and now when Yast tries to write the changes I get an error: "pam_mount is already setup for user. Use --replace to replace the
existing entry." I do not know how to proceed from here except to try with a different user name as I do not understand what the error message means and what command to use --replace with.
OpenSUSE Install :: Encrypted LVM LUKS And Login Screen
Apr 2, 2011I recently installed OpenSUSE 11.4 64 bit with GNOME yesterday and everything is going fantastic. I like it much better than Ubuntu 10.10 64 bit Maverick Meerkat because it is much more stable, reliable, and dependable. I own a heavily modified ASUS N61JV-X2 notebook PC. I installed OpenSUSE using the LVM based method and LUKS encryption. When I turn on the power to my notebook PC, it asks me for my password to decrypt my Intel 2nd Generation 160.00 GB Solid State Drive. I expected this behavior. However, I never get to see the OpenSUSE login screen. After I type in my password to decrypt my SSD, it loads up the desktop immediately. How do I configure my OpenSUSE so that I can see the login screen so that I can select my standard user profile and enter the user password to login?
View 9 Replies View RelatedOpenSUSE Install :: 11.2 On An Existing Partitioning Scheme With Encrypted LVM
Apr 5, 2011I have a Ubuntu server with encrypted LVM2 (logical volumes - /, /var,/tmp,/home etc.). I need to migrate this to an OpenSUSE 11.2 server (cannot use a later version due to the availability of a binary-only module - that is just the way it is). When I fire up the installer, I cannot seem to find an option to mount the encrypted disk (/dev/sda) which has the LVM2 structure. I do not want to lose /home (logical LVM2 volume), so a clean blank slate install is not an option.
View 2 Replies View RelatedOpenSUSE Install :: How Does Encrypted Home Folder Work
Apr 11, 2011I'm guessing that a file is created as a loopback device and encrypted (using LUKS?)
What is the mechanism used at user login to decrypt and mount the encrypted $HOME and to re-encrypt it at logout?
I confess an ulterior motive here - SWMBO has recently got her hands on an Acer Aspire one running Linpus Lite and there's absolutely no security on it
Personally I'd dump Linpus and put on openSUSE but it's her box and she likes the simple interface that Acer have supplied so maybe I can set up the encrypted $HOME as YaST does for openSUSE if I can find out what to do.
OpenSUSE Install :: Encrypted Home Partition Automount?
Jul 24, 2011First off I'm new to the openSUSE community and would just like to say So, to the issue at hand. I recently switched to openSUSE 11.4 from Debian. I noticed the setup didn't have an option encrypt the home folder like it does in Debian, so not being aware of any other way to encrypt it, I created a new partition, backed up my current home directory, created a new partition and mounted it as home before copying in the contents of the backup to the encrypted home partition I created. Now of course it is askingme to put the crypto password in at each boot, which isn't ideal because it's a family machine and no-one would remember the password but me. Is there any way of being able to automount the encrypted partition without having to put the key in every time? Or better yet an encrypted home folder that doesn't require the key to be put in on each login (as in Debian) without even using a dedicated partition.
View 4 Replies View Related