So I have a jpg image file that was encrypted using 256-bit AES, and I know the passphrase. That is ALL the information I have about the file. Is there a way (under Ubuntu, preferably but not necessarily on the command line) to decrypt this file?
View 2 Replies
I'm an absolute beginner at encryption. gpg and keys still have me somewhat mystified, so please forgive me if the following seems like a stupid question. I'm looking at encryption software for my smartphone. I've found a Java program called TinyEncryptor that uses the TwoFish algorithm and claims to be a shell for the "Legion of the Bouncy Castle" libraries. It just uses a passphrase; there are no keys involved as far as I am aware.
Naturally, I would like to be able to decrypt files on my desktop that I've encrypted with this program. So far, I've not had any success with finding one.
I recently bought a bigger drive for my laptop which had an encrypted LVM PV on it that I wanted to get rid of for performance reasons. I hit a few snags with the migration and documented it on my blog.
Fancy reading it? Go to my blog post about upgrading harddrive with encrypted LVM.
I just wanted to know if there is any possibility to decrypt a encrypted file with AES crypto without knowing the password.
View 1 Replies View RelatedI've just started using ubuntu one. However, some of the files I store on there are sensitive so I encrypt them using seahorse. Right click, encrypt etc etc. My question is, is there a way to automatically get the encrypt process to delete the un-encrypted file when it makes the new encrypted copy?
View 6 Replies View RelatedI have a major major issue with an encrypted /home directory. I had used encryption on my home directory when I installed 9.10. However, I had not noticed that I needed to store the automatically generated passphrase anywhere. Now, upon installing 10.04, my home directory would not decrypt. I checked my .encryptfs directory and the wrapped-passphrase file is GONE. I only have the Private.sig files from my 9.10 installation and of course know the login password I binded to the passphrase. I can see my .Private directory with filenames starting with ECRYPTFS_FNEC_ENCRYPTED. Now, my PhD thesis which I have to deliver in 2 weeks is in there. With no backups. How to recover my data. If no 'normal' method would work, is it possible to use a brute force attack and feed it my login password?
View 3 Replies View RelatedUbuntu 10.04 LTS Ran some updates,finally got around to rebooting. When I rebooted, It came up with Some errors about missing files. Came to discover my home directory was not decrypted. I simply had a readme file that said to run "encryptfs-mount-private". When I do it doesn't tell me the passphrase is incorrect, it tells me
Code:
Inserted auth tok with sig [xxxxxxxxxx] into the user session keyring You do not own that encrypted directory and I do own it. If I put in a different pass it tells me it's incorrect, I'm logging in fine, but my home directory is remaining encrypted.
I recently popped in the CD that came with one of my textbooks from school and figured I would be able to rip it pretty easily, but guess what? Too my surprise I find that each chapter of the textbook has it's own PDF file and that each one is encrypted. Is there anyway I can decrypt the PDFs and merge them all into one?
View 5 Replies View RelatedI have a computer running Fedora 14 and when I installed it, I chose to encrypt the drive.
I've recently changed the way I have things set up and don't want the encryption any more. From what I've read there is no way to simply and easily remove the encryption, so what I would like to do is input the pass phrase remotely.
so, Is there anyway I can type in the pass phrase remotely, or remove the encryption?
I am trying to open a .rar file with encrypted pictures in it. I use the command line in terminal
unrar --password (file name) (file destination)
it gives me the option next, to put in a password and finally, it says extracting (file name) failed
Is this because the password is wrong (im 99% sure it is right) or because the command is wrong or something?
I installed Ubuntu 10.10 64 on my laptop with the entire 500gb setup as encrypted LVM. This has worked well for several months with no problems. During this time i have been backing up the data to an external usb drive (1tb) on a regular basis. The usb drive was not encrypted. So, I thought it would be a good idea to encrypt the backup drive too. I wiped out the backup drive and set it up as one large encrypted lvm and mbr. This seemed to work fine but immediately afterwards I decided to erase that and set it up as encrypted lvm guid instead of mbr. I couldn't delete it while logged into my desktop so i decided to do it from a bootable gparted usb stick. In gparted i erased the 1TB backup drive once again and planned on setting it up the way I wanted once I was logged back into my ubuntu desktop. Now I cant boot into my desktop with the following errors:
cryptsetup: evms_activate is not available b0d) does not begin with /dev/mapper/
Then after waiting for a few minutes I get an error followed by (initramfs)
When booting from a live version of ubuntu the 250MB boot patition is recognized and 500 partion is there but it is labeled as empty/unused.
Also, I did choose to use the exact same passphrase as what is used on the main bootable drive when I set up the encrypted partition on the external 1TB drive.
I want to send a PGP encrypted file to a friend who (unfortunately) probably doesn't even have any idea what PGP is. He runs Windows XP. I know I can encrypt and decrypt PGP files easily and freely on Ubuntu, but I have no idea about how to handle PGP in XP... I tried downloading a PGP file in an XP virtual machine to find out, and Windows was pretty much unable to identify the file type. What kind of software on Windows (that is completely free and trustworthy) would be able to decrypt my PGP files?
View 9 Replies View Related i need to find a way to securely authenticate a decryption mechanism of some sort where the authentication is provided remotely without any user-interaction. Right now i have a number of boxes that all inform a central server when they are online. When they do this an OpenVPN connection is set up between them and the server.
However, i have been given the task to ensure that the scripts involved in this process are encrypted by default. This requires some form of self-decryption, which to my mind kind of goes against the whole idea of encryption/authentication in the first place. I need some way to leave decrypted the bare essentials required to boot a box and securely connect to the central server automatically. Then the server would automatically send a key/passphrase and the rest of the files on the box would then be decrypted on the fly.
I remember that some time ago I found a guide on the Ubuntu website about adding samba shares to mount at boot via /etc/fstab. The guide also mentioned using a credentials file to store the username and password.
However, the password was encrypted (in md5 I think) and it could not be read directly, but it still worked with fstab mount. If I remember correctly, the file contents were similar to this:
Code:
useraname = user
password = --md5
where was replaced by the encoded password. All was done in terminal. Recently I changed computers, and re-installed Ubuntu, but I forgot to save that file so I am not sure about the contents. I would like to know how to do this again, but I can't find the guide anymore. Does anyone know how to do this? Storing the password in plain text in file readable only by root is not acceptable because it can be read by someone mounting the drive from other operating system, and the share cannot be mounted/unmounted by regular users (which is possible with the md5 encrypted password).
having trouble printing an encrypted pdf file (bank statement) using Okular. Have an HP f-2200 printer with HPLIP 3.9.8 CUPS driver. Using Okular 4.3.5
Every time I tried to print this file the print notification would advise printing began and then printing completed. However, nothing was ever printed. Looking at the print queue I can see that the print queue has also stopped and I need to restart this as root.
I was scratching my head for hours and playing with the print driver thinking there was a problem there. However, everything else prints fine.
I then noticed that this pdf doc is encrypted - but that is all the information that okular gives in the properties dialogue.
I installed acroread and was able to print the document right away without problem. Looking at the properties dialogue in acroread it identifies what is allowed and what is not allowed in the encrypted file. It lists "printing" as allowed.
Does Okular struggle with encrypted files as far as printing is concerned? Worth filing a bug report?
I have got a backfile with extension .tar.gz.enc. After fooling around I found out that it is encrypted gzipped tarball.
View 2 Replies View RelatedI try to encrypt root file system on Opensuse 11.1 and I have found up to two possibilities.
1. [url]
2. [url]
In the first case, i have a Problem with entering password, for each partition on encrypted disk, i must enter my password.(For 3 partition 3 times)
And in the second version to get i nowhere.
Code:
So in an environment where I have 40+ sets of completely unique sets of logon credentials. The only way I've been able to manage this is by keeping them in a hidden and heavily encrypted text file in my home dir.Would like to hear alternatives to this approach if there are any, BTW. Right now I have a script that automates the process of un-encrypting the file, launching an editor and then clean-up with shred -u after editing and re-encrypting.
What bugs me is the interim where I have the file in an un-encrypted state on my drive. It doesn't seem necessary. I have a view script that allows me to see what's in the file without saving it to the drive.
I use the follow command to create a encrypted swap:
Code:
bash# echo "cryptswap /dev/sda5 none swap" >> /etc/crypttab
and edit the 'fstab' file :
Code:
/dev/sda6 / ext4 defaults 1 1
/dev/mapper/cryptswap swap swap defaults 0 0
That's work fine, but I found the permission of '/dev/mapper/cryptswap' is like this:
Code:
hello@world:~$ ls -l /dev/mapper/cryptswap
brw-rw-r-- 1 root disk 253, 4 2010-05-28 12:55 /dev/mapper/cryptswap
Other users can read the file '/dev/mapper/cryptswap', does it harm the system's security ?
I am trying to replace just the kernel (no modules) for my default kernel on FC 11. I use the default .config file and just change a few things and then run the make command. After I replace the kernel and reboot the system the password comes up for the encrypted filesystem and it does not take my password for some reason. what I need to do to get this working?
View 1 Replies View RelatedI just upgraded from F14 to F15 and have a problem with entering the password for the encrypted FS: when booting with the latest entry in the bootloader:
Quote:
kernel /vmlinuz-2.6.38.6-26.rc1.fc15.i686.PAE ro root=/dev/mapper/vg_anonymous-lv_root rd_LUKS_UUID=luks-3ef72221-1165-46a6-ab69-3932e22e9d4f rd_LVM_LV=vg_anonymous/lv_root rd_LVM_LV=vg_anonymous/lv_swap rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=de
initrd /initramfs-2.6.38.6-26.rc1.fc15.i686.PAE.img
[Code]....
I am trying to create an encrypted file and later mount it as a filesystem.
KEY=`tr -cd [:graph:] < /dev/urandom | head -c 79`
echo $KEY | openssl aes-256-cbc > container.key
dd if=/dev/urandom of=~/container.img bs=1G count=10
losetup /dev/loop0 ~/container.img
[code]....
The luksOpen command asks me for my passphrase, but always rejects it. I have retried this several times and written down the passphrase - and even tried with a very simple one just to check. And I never can make it work.
I'd like to find a way to mount a windows file share securely (encrypted) as I'll be communicating over the Internet.
View 4 Replies View RelatedI need a webserver (LAMP) running inside a virtual machine (#1) running as a service (#2) in headless mode (#3) with part or the whole file system encrypted (#4).The virtual machine will be started with no user intervention and provide access to a web application for users in the host machine. Points #1,#2 and #3 are checked and proved to be working fine with Sun VirtualBox, so my question is for #4:Can I encrypt all of the file system and still access the webserver (using a browser) or will GRUB ask me for a password?If encrypting all of the file system is not an option, can I encrypt only /home and /var/www? Will Apache/PHP be able to use files in /home or /var/www without asking for a password or mounting these partitions manually?
View 2 Replies View RelatedI would like to grep all values other than encrypted password from /etc/shadow fileFor example,each line consists of 8 fields separated with :/The only thing that I want not to print out is the contents between first : and second : (encrypted password)
View 7 Replies View RelatedI'm a long time user of Debian, but I'm having trouble with my partitioning process. Here is where I currently stand:
I am installing the latest Wheezy build. I am trying to install debian with an encrypted LVM that spans two hard disks.
My partitioning layout is as:
1. /home
2. /root
3. swap
4. /boot
I then added partitions 1, 2 and 3 to a physical volume group. I then took that physical volume group and added it to a logical volume. Then I encrypted the logical volume, leaving the /boot partition untouched. I was under the assumption that the only partition the system needed free to reach the loading of the LVM is the /boot partition, as it holds the files necessary for booting. But when I attempt to finalize the disk, it gives an error stating, "No root file system detected". That would be an issue as it is currently sitting inside the encrypted LV. Am I wrong in including the root partition in the encrypted LV?
What is the best way of having as little of my file system non-encrypted as possible while still allowing a proper boot?
there are some configuration files where linux require the password of application user, to do something.how can i to encrypt the password in these files? Or how can i to store that password in encrypted file and retrieve it in secure mode?
View 2 Replies View RelatedCentos 5.3 includes Ext4 and improved support for encrypted file systems but it appears to be aimed at laptop/desktop systems, in that a password must be entered at boot time.
Is it possible to have a server with an encrypted root file system boot up without entering a password?
Mandos will do it...
http://wiki.fukt.bsnet.se/wiki/Mandos
...by serving up the password from another server...
http://packages.debian.org/squeeze/mandos
...to a client loaded into the initial RAM disk environment...
http://packages.debian.org/squeeze/mandos-client
...but it's not available on CentOS, and is only in Debian unstable.
Is there a similar (or any) solution for CentOS?
In particular, I'm envisaging encrypted virtual machines being served passwords from their virtual host.
Alternatively, the data that *really* needs to be protected could be encrypted while the system core remains unencrypted. But then the keys to decrypt the file system must be stored in the unencrypted portion, so this is not an effective method.
Is it possible to have the passwd file for svnserve encrypted, rather than store the usernames/passwords in plain text?
View 3 Replies View RelatedI have a dual boot at home with W7 F15. The Fedora drive is encrypted because that's where all my important stuff is. On the rare occasion that I do boot into Windows, I wondered if there would be any way of accessing my encrypted Fedora drive? Is it possible to decrypt and mount from Windows?
View 1 Replies View Related
