Ubuntu Security :: Algorithm Is Used With Full-Disk Encryption?
Oct 20, 2010For some reason I can't find any documentation re: the algorithm(s) used by Ubuntu to encrypt the filesystem... Anyone know what it is?? AES?
View 2 Replies
ADVERTISEMENT
Ubuntu Security :: Install 10.04 Or 10.10 With Full Disk Encryption?
Apr 13, 2011Is there a way to install ubuntu 10.04 or 10.10 with full disk encryption? I read how to do it in the 8.0 version, was wondering if it is still possible?
View 4 Replies View RelatedSecurity :: Can Full Disk Encryption Be Removed ?
Nov 14, 2010I do know about cold boot attacks. But I ran across a couple of posts/websites that had me wonder if it is possible, without the passphrase, to just remove the encryption?
View 4 Replies View RelatedUbuntu Security :: Cannot Get To Grub Menu After Full Disk Encryption?
Jan 13, 2010this isn't really a security question, per se, so feel free to move. It is related to full disk LVM encryption though. Full disk didn't work for me with grub2 after running dd to a remote server, so I downgraded to grub1. No biggie. However, I have neither grub or grub2 as selected in Synaptic.Let's say I forget which I have installed. How would I determine what version of grub is installed at the moment. I'm assuming it's somehow installed on in the mbr but not on the OS. I didn't mean to do anything funky. Is that the normal setup? I'm deploying these systems to users and want to be able to troubleshoot issues in the future (hopefully that will not be needed!) grub --version does not work because it is not installed.
View 2 Replies View RelatedUbuntu :: Recovery From Harddrive With Full Disk Encryption ?
Jan 10, 2011I have a bunch of pictures that I thought I had backed up but as it turns out I didn't, the problem is I formatted the drive they were on.
It is a 1TB hard drive, and it was running Ubuntu 10.10 using full disk encryption from the alternate install CD. After formatting, I installed Ubuntu Server 10.10, also using full disk encryption.
I know the encryption key for both installs (and the keys in fact are the same).
I have turned off the machine, and have stopped writing to the disk. I am hoping because it is a 1TB drive, and I have only written over it with 2GB of data, that there is a chance I can recover the data.
Ubuntu Installation :: Full-disk Encryption On Netbook?
Jan 29, 2011I managed to get a cheap refurbed netbook recently (Samsung N150) and I'm wanting to put Ubuntu on it. As it's also likely to be used when travelling and have things like chat logs, photos, and other such things I'd like to do full disk encryption. Also I've been pointed towards 10.4 as apparently the 10.10 netbook desktop isn't to everyone's taste.
So I tried using unetbootin to make a bootable 10.4.1 i386 Alternate usb stick, which hit the problem of no cd drive. I found an item to add to the boot (cdrom-detect/try-usb=true) which got it a little further, but at a copying stage it threw an error saying it couldn't copy off the disc.
Finally I tried making a unetbootin of the mini iso (does mini even support full disk encryption?) but that seems to hang after selecting a mirror.
EDIT: Well it seems I was just impatient on the mini ISO and after a few minutes it's gone onto time-zone, though of course this could get rather tiresome without a local mirror, especially given this may go through more than one iteration.
General :: Implement Full Disk Encryption?
Jul 14, 2011The only reason why I don't use Linux (even though I prefer Linux over Windows, and can do everything faster and more efficiently) is because each time I try to learn about dm-crypt I give up.
Can someone point me in the right direction for full OTFE on Linux (like TrueCrypt)?
Debian Installation :: Full Disk Encryption (LUKS) LVM
Oct 21, 2015I would like to configure my Debian Jessie system in this way.
Two partitions:
1) /boot on /dev/sda1
2) everything else on /dev/sda2
I want to encrypt the second partition with LUKS. And then install over it a LVM volume. Inside the LVM volume i will create the / (root), /var, /opt and /home virtual partitions. In this way, i'll get asked only once for the password to decrypt all partitions. Because if i don't use LVM, then i'll get asked for the password for each encrypted partition.
I can follow and understand almost everything of this HOW-TO for Archlinux: [URL] ....
Only two passages are unclear to me:
1) Configuring mkinitcpio
I don't understand what i should do here in order to complete this. What should i do in Debian to configure "mkinitcpio"? what is the equivalent thing to do here?
I thought that the kernel would automatically recompile itself with all installed modules on the Debian system, once cryptosetup/LUKS or LVM2 get installed.
2) Configuring the boot loader
I don't understand what should i write in /etc/default/grub. Will GRUB automatically load the LUKS and LVM2 modules? Also, I don't think that i could boot the system in this way:
cryptdevice=/dev/sda2:LVM root=/dev/mapper/LVM-????
Actually the "root=" volume is the whole volume to mount as LVM. It isn't the final root partition.
Debian :: Full Disk Encryption For Linux As Compared To OS X
Mar 20, 2016With all the talk about disk encryption for Apple devices, I wanted to ask about how full disk encryption compares between debian linux and mac OS X. Is the code for debian linux fully available for people to inspect for flaws or backdoors? Apparently although part of the encryption code is available for OS X the full code for Filevault 2 is not public. What are the advantages and disadvantages of each method of encryption for each operating system?
View 8 Replies View RelatedUbuntu Security :: Possible Full Drive Encryption Without Passprompt?
Aug 25, 2010Is it possible to encrypt the entire drive and not be prompted for the passphrase?
I have a request for a demo of our application and I am looking to create a virtual for VMware's player but need to make sure that the vmdk file cannot be mounted and files pulled from it to protect us from reverse engineering of the application.
Ubuntu Installation :: Dual Boot Full Disk Encryption - Windows 7 And 9.10
Feb 13, 2010I've been wanting to do this for a while and after upgrading some of my pc components I decided I would finally try to dual boot with full disk encryption on both windows 7 and Ubuntu 9.10. I managed to encrypt the windows drive with truecrypt and that worked. I installed Ubuntu 9.10 using the alternate cd and everything but /boot is in an encrypted LVM. Each OS is on a separate SATA drive the windows is on sda1 and ubuntu /boot is sdb1.
To setup the dual boot I started out following the tutorial [url] but its for XP and versions of ubuntu that use grub not grub 2. I ran dd as posted and saved the files it produced from truecrypt. I then ran into some problems with grub reinstallation so I simply reinstalled Ubuntu 9.10 from scratch again. This put grub 2 on the computer. I've managed to get it to add a Windows 7 option.
However, when the option is selected truecrypt comes up and says that the bootloader is corrupted and that I need to use the repair CD I burned before I encrypted the drive. My question is does anyone have any experience dual booting using Truecrypt on Windows 7 and LUKS/dm-crypt on Ubuntu 9.10 with grub 2? And how would I get the boot menu to work? I'd rather not reinstall but if I have to I have images from right before I encrypted so it wouldn't be the end of the world.
Ubuntu Installation :: Partitioning - Triple Boot With Full Disk Encryption ?
Mar 28, 2011To structure the layout of my partitions. I'm installing Windows 7, Backtrack 4 R2 and Ubuntu 10.10 Desktop on my laptop. I've got a 500 GB HDD named sda.
I've already installed Windows 7. It's my opinion that it's easiest to begin with Windows.
The partitions look like this right now:
The Windows installation is unencrypted and I want it to stay that way. It's only there in case my laptop gets stolen, I've installed various nasty things there.
The Backtrack 4 installation will also be given 100 GB space, I want it to be encrypted. The Ubuntu installation should get the rest of all the remaining space and preferably be encrypted but it's not 100% necessary.
How I should partition this? There's a limit on 4 primary partitions? How do I circumvent this? There should be one dedicated GRUB partition which will point to each of the installations own boot loaders?
Red Hat / Fedora :: Full Disk Encryption DD - How To Access Data In DD File
Feb 12, 2010I am investigating full disk encryption and have made a DD copy of the hard drive which has been encrypted, this DD file is stored on my computer for analysis.
First question is - Anyone know how i can access data in this DD file even though its been encrypted?
Second question - Is there a DD command where i can image the systems memory? I ask this because when a system is turned on, to get past the pre-boot authentication stage you need a password. From what i understand, this password will be passed in to ram when power is applied to the system. Making a copy of the memory will also copy the password?
Ubuntu Security :: Ext3/ext4 Full Disc Encryption Performance?
Feb 3, 2010I've been using full disk encryption with luks on two Dell laptops for about 2.5 years. One is 64 bit Fedora (upgraded to 12), another is 32 bit Ubuntu (upgraded to 9.10), both were ext3, until recently.Over time, performance degraded substantially, especially on Fedora, which was put to a heavier use. That laptop has 4 Gb RAM, two 2.5 GHz T9300 CPUs, and 56 Gb of free space.
It was especially unbearable after a reboot. Programs like firefox and thunderbird would take close to a minute to start when ran for the first time after a boot. The login process was painfully slow, and some Gnome applets (e.g. Tomboy notes, keyboard layout switcher) would fail to load on the first login, with an error. I experienced this problem on both laptops with full encryption. I had to log out and relogin to make the applets appear. I tried various boot and mount options and was thinking about switching to ecryptfs (encrypted home).
I also use 3 desktops with no encryption and a netbook with ecryptfs on /home, which all work fine. All are Dell, 2 Ubuntu and 2 Fedora. The Gnome applets problem seems to be due to slowness of the installs with the full disk encryption. The last thing I tried is to migrate ext3 to ext4. I also converted /home, /usr, /opt to extents, following[URL].. That seemed to do the trick. Gnome applets now load fine on both laptops, and startup time is back to tolerable.
Is this a typical experience: ext3 performance degradation with time and a much better performance with full disk encryption once ext3 is migrated to ext4?
Ubuntu Security :: Remove The Whole Disk Encryption Without Reinstalling?
Jul 31, 2010Is there any way to remove the whole disk encryption without reinstalling? I'm running Ubuntu 10.04.
View 2 Replies View RelatedUbuntu Security :: Change The Password For The Whole Disk Encryption?
Aug 8, 2010Is there a way to change the password for the whole disk encryption?
View 2 Replies View RelatedSecurity :: 5 Of The Best Free Disk Encryption Tools?
Apr 10, 2011Quote: The importance of security should never be underestimated. The consequences of losing data can be disastrous for any organisation. For example, the loss of a single unencrypted laptop may have huge repercussions. This could include breaching data protection legislation with the risk of a significant fine, a loss in the confidence of an organisation, as well as the risk that sensitive data may fall into the hands of a competitor or third party with malicious intent.
View 1 Replies View RelatedProgramming :: Encryption And Decryption Program In Java And Using RSA Algorithm?
Feb 25, 2011i need a program for Encryption and Decryption using RSA algorithm in JAVA ..
View 9 Replies View RelatedUbuntu Security :: Secure Is Encryption Via Disk Utility (palimpsest)?
Jan 18, 2010I encrypted a harddisk via Disk Utiluty. What alogythm is it encrypted by now? Is it safe? What should I be aware about?
View 7 Replies View RelatedFedora Security :: Remove Encryption From An Hard Disk?
Feb 24, 2009I was trying to install Fedora 9 on my new laptop that came with Win XP. I have selected the option to wipe out all partition and create a default layout with the Encryption option selected. But that installation got stopped on the middle, therefore I have started the installation again. This time it asked for the encryption password as expected but don't know why, its not accepting my password. I am 100% sure that the password is correct but it is not allowing me to enter into the hard disk partition section.
My question is, how do I remove encryption from my hard disk? I don't need to preserve the data, I just need to use my hard disk again. Is there any boot CD that allow us to format encrypted disks without prompting for a password?
Fedora Security :: Disk Encryption With Remote Passphrase?
Jul 28, 2009I have currently a file server that runs on Fedora 9, and all other PCs (mostly running Windows XP) access the file server via SAMBA. Everything works perfectly! However, lately a home invasion in my neighborhood got me thinking. If they take my file server, my data is not protected. So, I would like to implement the LUKS partition encryption (/home) which sits on a separate disk. However, I don't quite like the decryption process at boot time. In other words, I would like to wake up the file server (WOL) remotely, and when it's done booting, I would like to log-in using the other PCs and enter the passphrase remotely to decrypt /home. Is this possible using LUKS encryption (i.e., cryptsetup)? If not, what would be another alternative to what I am trying to do using a secure encryption (so that the data is safe from thieves)?
View 4 Replies View RelatedOpenSUSE Install :: Full Encrypted System (expected /boot)with The Best Possible Algorithm And Key Length?
Aug 18, 2010but I wantto set up a new system with openSUSE 11.3 The system should be fully encrypted. I want to use the best possible encryption.1 I am not sure, AES 256 xts-plain is the most secure single algorithm, isn't it?2 Is it possible to use a cipher? 3 Which algorithm does the yast-installer use when I encrypt the whole system with a logical volume group?I have read this two articles:a) Encrypted Root File System - openSUSEb) openSUSE Lizards encrypted root file system on LVMBut I have to say that these routines are a little bit complicated in my eyes.Isnt there a easier way to encrypt the whole OS?I know there is a 64bit live cd available. 4 So the first description (a) is obsolete?5 How can I set up a (fully encrypted) system without using LVM?The hard disk layout should be done in this way:
/boot sda1
/enhanced partition sda2
/swap sda5
[code]....
Ubuntu Security :: Can Make New Algorithm For /etc/shadow
Aug 16, 2011i use SHA-512 algorithm in the /etc/shadow File But i Want to use my lgorithm ..
how i can remove the sha-512 and use my algoritm ? Because no one can des encrypt it !! He Not Know the algorithm method
Security :: What Is Most Effective Security Algorithm For VPN
Jun 6, 2011i was wondering what is the best algorithm(encryption/decryption) can i use in implementing a VPN application the algorithm am seeking need to be pretty much secure and effective in terms of performance..
View 4 Replies View RelatedUbuntu :: Install A Luks Enabled Grub For Full System Encryption?
Mar 12, 2011I'm trying to install a luks enabled grub for full system encryption. What modules are required by grub to load a normal ubuntu linux system and what is the type to use?
View 2 Replies View RelatedUbuntu Security :: Security, Passwords & Encryption Keys?
Jun 7, 2011I am not very security minded...I'm aware of it, and always made sure I had up-to-date overall protection in Windows but firewalls, and the blasted passwords are largely a thorn in my side!When I got my iPhone last year I suddenly discovered password managers & "wallets" to keep all that kind of information in and syncable across different devices. My life got so much easier. Of course now I need to figure out encryption keys, and how they work (I'm clueless). I also need to find a program or system that I can move my existing low-tech info (mailnly user name & passwords) that will also accomodate the increased needs of Ubuntu security and still be sync-able. I started a little research weeks ago, but my current "wallet" only exports .csv so I quit since I'm going to have to do a lot of data entry whatever I go with.So here goes:
1) what is the difference (bare bones) between using an encryption key (e.k.) vs. a standard user created password? what situations are better suited for e.k.?
2) I have seahorse (default intall with Ubuntu I guess) but the only thing in it is Login under passwords which leads to a login keyring (?) and a drop-down list of about 6-10 of the gazillon passwords I use daily. The other tabs are for keys which I don't have any concept of.
3) I know FF also "remembers" user id & passwords as you choose to have it do so. Is that information transferable into seahorse or another program?
4)I'm also (today) getting ready to really set up my system for user names & security across my little home network. How can I integrate that into whichever program/app I go with to store my pwds and keys?
5)give me links to fairly current documentation on this stuff?
6) Any program/app recommendations.Pros/cons uses, what they can & can't do or be used for, etc.
Ubuntu :: Disk Full - Can't Free Any Disk Space
Jan 2, 2010I'm running mythbuntu 9.04 and am having an issue with disk space.
I try 'rm' various log files but the space I free up lasts less than a minute before the disk reports as being full once more.
df -Th | sort gives:
Quote:
/dev/sda1 ext3 8.3G 7.9G 0 100% /
/dev/sda6 ext3 138G 125G 6.3G 96% /music
/dev/sda7 xfs 783G 617G 167G 79% /videos
/dev/sdb2 xfs 344G 242G 103G 71% /recordings
[Code]....
There's nothing enormous in /var/log and my trash and the root trash are empty.
why size and used fields are not the same despite 100% usage being reported on sda1..
Security :: Acceptable Kerberos Encryption - Error "ktutil: AES256/SHA1*: Encryption Type AES256/SHA1* Not Supported"
Dec 23, 2010I am building an active directory and using BIND9 as my DNS. To allow for secure dynamic updates from the domain, I am enabling GSS-TSIG as detailed here and here. Unfortunately, some of the commands and configurations used here seem to be depreciated, at least in the newer versions that I'm using. My issue is one of keytab encryption. I generated a keytab using ktpass.exe on the Windows Server 2008 domain controller. I have tried DES/MD5, AES128/SHA1 and AES256/SHA1, each have been turned down by ktutil on the kerberos server (FreeBSD). Each time, it outputs the following error: ktutil: AES256/SHA1*: encryption type AES256/SHA1* not supported *Respective to encryption used.
I cannot find a list of suitable encryption schemes that ktutil will accept. The FreeBSD handbook details a means of producing a keytab file, but I'm not sure how to configure the Domain Controller to use the keytab.
Server :: Disk Encryption Vs Performance?
Jan 29, 2010how much of a performance impact full disk encryption (say, AES 256-bit) has on disk-related activities? On one particular project I'm involved in I am trying to weigh out security vs performance issues.
View 1 Replies View RelatedRed Hat :: Best Whole Hard Disk Encryption In Rhel 4.6?
Oct 21, 2010Which is the best whole hard disk encryption software for RHEL 4.6. Tried Truecrypt but was not success in making it work. First had issue with fuse version, then with glibc and etc.
View 5 Replies View Related