at work we have to encrypt all data that goes on an USB-Stick or Notebook with pgpdisk.Having migrated completely to linux at home I look for a way to mount these files to work with the data.
View 5 RepliesI on a dell latitude c500/c600 and running 9.10 and have a maxtor 160 gb external hd that wont mount right. it shows up in / but when i click on it i get the error message:unable to mount location can't mount file. could someone give a suggestion to get this to work.
View 9 Replies View RelatedI am pretty frustrated with Ubuntu security partially because I don't know exactly how to fix things in it like I do windows and you can't always use GUI with Ubuntu which is quite annoying. Basically.. I created a samba share. When I copy files from my Windows machine TO the Samba share the permissions are always screwed up. I can watch the videos but I can't delete them. I have to go into Nautalis? via F2, sudo something and change permissions everytime I copy something into the shared folder. To me, this is stupid.
Another issue... I added a 2nd hard drive to my Ubuntu machine, shared the entire drive. Once again.. when I copy files to the share I can only read them.. I have to keep stealing ownership so to speak over the files. Now, when I want to CUT and PASTE from my Drive "C" Ubuntu to my Drive "D" I dont have access. Ugh... why can't there just be a way to make all files accessable.
Why should I have to pop into a different program to regain permissions everytime. When I create a folder it should STAY that way. Anything I copy into it.. its MINE. Just because I copy from another machine onto THIS machine, I am still the creator of that folder. I SHOULD have access to EVERYTHING in it.
Our problem arose when we upgraded to a new version of Wine to gain compatibility with a Windows program.The new version checks that its working directory is owned by the executing user. If it isn't, then Wine refuses to run.We mount home directories over NFS. When we export, we squash root only -- we don't squash all. Yet from the clients' points of view, users' home directories are always owned by nobody/nogroup (65534/65534).I believe nothing in our exports or fstabs would cause that.
Code:
#Client /etc/fstab line
192.168.1.1:/ /FileServer nfs4 proto=tcp,sec=sys,hard,intr,rsize=3276800
[code]....
I seem to be missing a secure.log or security.log file. I have Ubuntu 10.04 and can't find this file. I looked in the /var/log and ran a search command to no avail. Does anyone know where this file is or is it called something else. I'm looking for a file that logs any change to the security settings of the system.
View 1 Replies View RelatedI have a 2nd hard drive that I have encrypted using true crypt. Is it possible to set this up with key files (or some other way) to auto mount when linux boots. I need it in true crypt because there are some work programs I dual boot to use in windows, and need to have access to the drive in XP from time to time, and true crypt can mount there as well. But 90+% of my time is in linux and I would like to have it auto mount through fstab (or whatever way it needs to be). My entire linux setup has been set up with encryption through dm crypt and LUKS (except for /boot). So I would think having a key file stored on the computer and an auto mount fstab would be just as secure as however secure my LUKS setup is. So any way to auto mount a true crypt 2nd drive volume?
View 3 Replies View Relatedi have a triple boot of windows XP,7 and ubuntu10.10 netbook remixis it possible to require a password to mount the windows drivesthere is no log on password on the ubuntu but i dont want people to access the other drives unless they have my password
View 3 Replies View RelatedI have a perfectly OK 2.5 inch disk drive from a dead laptop (graphics card failed).
The hard drive is fine. I know the passphrase.
I had installed Ubuntu 10.04 with full fisk encryption using dm-crypt/luks using the alternate install cd.
I'm not exactly sure of the configuration I selected. Just that its full disk encryption with a pre-boot passphrase prompt.
Now my issue is, I have put the drive into a usb drive docking station, and I simply want to mount the partition on my new laptop, so I can copy the files over.
I've tried googling for various things like "mount dm-crypt drive linux" and "how to mount a luks encrypted partition linux", but I get no results.
I am working on a production system on which it is not advisable to enable on-access scan with use of Dazuko. However, I want to do an automatic scan with clamscan when the flashdrive is mounted. As far as I know, Kudzu is arranging the automount of the flashdrives.
View 5 Replies View RelatedI've lately been getting some strange nfs mount requests for non existant users' home directories on a F14 machine to my file server (CentOS).The message log on the file server shows the following
May 23 03:10:53 data mountd[4835]: can't stat exported dir /export/home/httpd: No such file or directory
May 24 03:21:13 data mountd[4835]: can't stat exported dir /export/home/httpd: No such file or directory
May 25 03:26:53 data mountd[4835]: can't stat exported dir /export/home/httpd: No such file or directory
[code]....
I'm only just starting out with the Linux ubunto 10.04 OS after yeas of wasted time on Microsoft os's,I hope I'm posting this request for help in the right forum thread, if not please accept my apologies, I have tried searching everywhere for help in installing a firmware file into the File System / lib / firmware directory and each time I get an access denied result. The file is for a DVB board and I have managed to track down the right Linux fw file for this particular piece of equipment, Could some kind helpful person either explain how to get this firmware file into the Root System directory or even send a link to another site that deals with this sort of problemI've downloaded all the programs via the Ubuntu Software Center that should be able to perform this task however all to no avail.The reason why I posted this thread in this forum board is that it (in my own personal opinion which may be wrong) seems to me to be a security problem
View 1 Replies View RelatedIs there a way in Lucid to require a sudo password to mount all external drives (e.g. thumb drives, USB CD/DVD drives, USB hard drives)
View 1 Replies View RelatedI've added my public key to the remote machine's authorized_keys file, and I can ssh over without password. But when I try to mount the remote share using sshfs it -always- asks for my user's password. I have set sshd_config|PasswordAuthentication no
... and when I mount the share as root it says, "read: Connection reset by peer". My mount is being done as user, so it shouldn't be a root authentication problem:
sshfs#bill@droog://media/droogfuseuser,noauto,gid=6,umask=007,cache=no,ServerAliveInterval=15,reconnect,allow_other,comment=sshfs 0 0
I can't mount as user because /dev/fuse is not suid, and I'd rather not set it such.
I found a way some times ago to mount a truecrypt volume when opening the session by insertion of the login password in the mounting script instead of putting it in clear in the script. I don't remember to command to read/transfer the password.
View 2 Replies View RelatedI'd like to add a user to my server that will only have access to a mount point over sshfs. Is there any way I can provide them this access without actually giving them permission to open a terminal on my server? I tried /bin/false and /sbin/nologin already, but /bin/false didn't allow the mount point to be made and /sbin/nologin prevented a login completely (also stopped the mount point from working).
View 6 Replies View RelatedI'm running 10.04 running daily updates. A couple days back, I saw an update related to mounting volumes. Not sure if this is what broke my system, but might be. When attempting to mount a partition from nautilus, I get a message saying I do not have authorization. It does not even ask for my password, just fails. I tried running updates and this asks for my password and accepts it fine. I opened disk utility from the menus and tried to mount the volume from there but also got the same permission denied, not authorized without even being asked for my password.
I then ran gksu palimpsest. I was asked for my password and was able to mount and unmount partitions from there. However, when mounted, my applications and nautilus cannot access the data in the partitions mounted using gksu palimpsest. In nautilus, I can navigate to /media/Data (the partition in question) but I get "THE FOLDER CONTENTS CANNOT BE DISPLAYED You do not have the permissions necessary to view the contents of "Data"." When I open nautilus via gksu in the terminal, I do have full access to the partitions.
How do I get my privileges back for my user account. I am the only user on the computer, and I have never set up a root account since my upgrade to 10.04 months ago. I tried of course the Administration->Users and Groups menu, but I am not permitted to change the account type or open advanced settings. I click the button, but nothing happens, not even a password request. Running gksu admin-settings on the terminal allows me access. My current settings are attached.
I have two questions regarding auto mount function of Truecrypt. First question:
I want to automatically mount my flash drive encrypted by Truecrypt using a keyfile whenever I plug the drive. How can I do this? I use Ubuntu 10.10.
Second question:
As I do not know the answer of my first question, I currently use following command in a startup script to mount my encrypted flash drive automatically at every system start-up.
Quote:
/usr/bin/truecrypt -k ~/keyfile --auto-mount=favorites
My problem with this method is, Truecrypt always search for the drive in the same path saved in favorite drives list, e.g. /dev/sdb1. However sometimes there are more than one flash drive plugged to my computer and my encrypted drive's path changes. In such cases Truecrypt cannot mount my encrypted drive because it cannot find the drive in its path.
As a workaround I tried "auto-mount=devices" parameter. It is slow because it checks every mounted drive, and some of them external hard disk big in size. Moreover it does not recognize any mount point parameter. I'd like to mount the drive to the same mount point every time.
Quote:
/usr/bin/truecrypt -t --auto-mount=devices -p "" -k ~/keyfile /media/MyMountPoint
The command above mounts the drive however it is slow and to the destination of "/media/treucrypt1".
After buying an IBM/Lenovo USB fingerprint reader model FP06 and installing Fingerprint GUI, have problems to mount my home folder encrypted with eCyptfs. I was using it since the first time i install Ubuntu 10.10 64 bits. After login from GDM, there are some ways to make it work:
1) open a terminal window and type ecryptfs-mount-private. This decrypt the home folder, but need to logout and login again to my personal preferences can be reached (bookmarks in nautilus, in firefox, etc). Each time the PC is rebooted, the same process is needed to made again.
2) before login in GDM, change to a tty1 terminal (ctrl-alt-F1) and login from here. The personal folder decrypt then without problems. Then change to GDM (ctrl-alt-F, login an everything works fine. What could be the fault from GDM to not mount the encrypted folder?
I wanted to create an encrypted volume that was accessible from F12 and WinXP. Using RealCrypt, I created a volume on a NTFS partition and formatted it as NTFS.
mount point: /home/user1/safe
user dir: /home/user1/safe/folder
When I run:
[root@localhost ~]# realcrypt -t --mount --filesystem=ntfs /mnt/winshare/volume /home/user1/safe
The permissions for "/home/user1/safe" change from 755 to 700 and I am unable to access "/home/user1/safe/folder". Also "home/user1/safe/folder" changes owner and group to root with permissions of 700. My guess is that this is being caused by ntfs-3g, but how to pass on uid options in this example. Is this even doable?
Running Ubuntu 10.04 I noticed my hard disc rumbling for longer than normal and louder. Not doing anything demanding to cause hard disk activity like this so I was suspicious so I checked my process list with 'top' command in the console terminal. At the top was mount.ntfs running. Eventually it stopped running after 20 seconds or so. At the time I have not been accessing NTFS filesystems, but I do have them. I have a dual boot Ubuntu 10.04 and Windows 7. In Ubuntu I've mounted the Windows main C drive and on the same hard disk a partitioned drive for sharing files between the OSs. I know mount.ntfs is a standard program but was it being run on my machine, instigated externally here? Was the running of mount.ntfs an attempt from outside to hack into Ubuntu and the mounted Windows areas of my machine via a backdoor connection or vulnerability? I've restarted my machine since then. Are there any logs I can check for malicious attempts to break in?
View 9 Replies View RelatedI've been running Linux for a year on our family computers (one desktop, one laptop and two netbooks). I've run into a problem with the encrypted ext4 partition (270GB) on a LaCie external hard drive which also has a NTFS partition (50GB) which is not encrypted . First two times I tried using the encrypted ext4 partition (from two different computers) it worked fine but now I can't access it at all. I can still access the NTFS partition.Encrypted external hard drive partition will unlock but won't mount (or unmount). The computer says "Opening 320GB Hard Disk" but after a minute says, "Unable to mount location. DBus error org.freedesktop.DBus.Error.NoReply"Disk utility (GUI for gparted I believe) states that the encrypted partition (/dev/sdb1) is unlocked and the underlying partition (/dev/dm-0) is not mounted but it has a "busy circle sign" on it that will not turn off. The NTFS partition on the same drive mounts and accesses normally.
But if I try to unmount the NTFS partition, it says: "Unable to stop drive. One or more partitions are busy on /dev/sdb"If I try to shut down the computer, it is unable to shut down because (I assume) it can't shut down that drive either. So I have to just turn off the computer.fdisk states that /dev/dm-0 doesn't have a valid partition table [full output attached]fsck suggests: "Filesystem mounted or opened exclusively by another program?"ps axuf shows some processes running on /dev/dm-0 but killinghem doesn't release the drive either. [full output attached]I checked /etc/blkid.tab (suggested in one vaguely related thread) and there's no actual file only a broken link pointing to /dev/.blkid.tab (which doesn't exist). I tried deleting this link and rebooting but that didn't change anything.when I finally gave up my data as lost, I tried to format the partition (using Disk Utility) and it refused saying, "One or more block devices are holding /dev/sdb"
I followed this howto in order to mount CIFS shares on demand. This works great, however, this guide suggests leaving my network passwords unencrypted on the disk. This is a very bad security practice, as the passwords can be easly retrieved by booting the computer using a different OS.
I was looking for a way to secure things up, so I came up with this solution: Instead of storing the passwords plain text on the disk, I store them in a tar file encrypted using GPG. When I boot my system, I open this file to a directory in /dev/shm, and order AutoFS to retrieve the passwords from there.
This does the trick, but I presume this solution is not that secure, since /dev/shm content can be written to the swap partition. Is there any other solution which is a better security practice? Maybe using some sort of keyring service?
i am investigating on solutions to trace a file deletion on a computer( Linux O/S).i also need to determine weither after a file deletion or download on a computer, the computer clock had not been modified. In case a file has been downloaded on a computer and then transferred to a removable device, i need to find out the file activity. i mean i should be able to tell that the file was downloaded and transferred to a device with possible specifications.
View 2 Replies View RelatedWhen I upgraded from FC11 to FC12 of the encrypted raid partitions started to request password on boot (in FC11 not having references to encrypted md1 in fstab and crypttab, was enough for FC11 not to ask for passwords on boot) despite the fact that I removed /etc/crypttab and there is nothing in /etc/fstab relating to encrypted md1 (raid array). I want my machine to boot w/o asking me passwords for encrypted devices, and I will open and mount them myself manually after boot.
View 11 Replies View RelatedActually i'm doing an ingenior training in SAGEM company, well i'm trying to develop an application which is able ti disturb the IP Network,my idea was is to mount 2 Network Interface Card (NIC) and make a bridge to pass the IP flow and to exploit the firewall Netfilter using iptables command.The application has to import a text file containing a binary array like this one:
0 1 0 : 0 corresponds to iptables -p ip ACCEPT
1 1 1 : 1 corresponds to iptables -p ip DROP
0 0 1
==> So the expected result is to have 5 ip datagrams dropped
My idea was: if 0 --> iptables -A FORWARD -p ip -m limit --limit-burst 1 -j ACCEPT
if 1 --> iptables -A FORWARD -p ip -m limit --limit-burst 1 -j DROP
The problem was: After executing the application and parsing the text file,
with iptables -L -v: i have
Code:
-A FORWARD -p ip -m limit --limit-burst 1 -j ACCEPT
-A FORWARD -p ip -m limit --limit-burst 1 -j DROP
-A FORWARD -p ip -m limit --limit-burst 1 -j ACCEPT
which is logic, but when i sniff with wireshark i find more packets are dropped(6,7 or 8 are dropped), like i had put more DROP rules. and sometimes i found the exact value(usually 5 dropped).
I have an Ubuntu 10.04 machine at home and apache setup on it (files are located in a Truecrypt volume). The reason for the web server being that I wanted to access my files wherever I'm at (i.e. hotel, work, hotspots, etc...). So far, it's worked out great for me seeing as a I can http download my files (or stream media files). However, I am often on a public hotspot and I know it's a matter of time before someone finds the webserver on my computer. I have the machine firewalled and password protected (via .htaccess), but either way I don't want people looking in on my computer.
The problem: I have used Truecrypt for a long time and completely trust using the program to encrypt/unencrypt a volume container to store my files. Usually, I would remote desktop into my computer and mount/unmount the volume when I needed it. However, after time it get's really annoying to do this. So I eventually figured out how to setup a bash script to automatically do this for me (which I put on the usb part of my phone). What I wanted to do was to be able send the bash script to my Ubuntu machine (via ftp from my phone) and have Ubuntu automatically run the script. Is this possible? What programs do I need on Ubuntu?
I was thinking about using something like cron, but that is for scheduled times. I don't really have a set time in which I need my files, it's pretty sporadic depending on how much I travel. Thus the need for being able to remotely mount the volume when I need it.
Summary: I need a way for Ubuntu to read a folder every minute or so to check for bash scripts to run. I want to be able to send the bash script via ftp from my phone, have Ubuntu run the script, then delete itself (so as to not store the password). I already know the script in which to mount the Truecrypt volume and how to send the file via ftp from my phone. It's really a matter of what program to use in Ubuntu to find and run the script.
Suppose I have a binary program with only execute permission enabled for the current user. How (in general) would I be able to obtain a core dump of the file? I think I have read it somewhere but I want to know if there are more ways of doing it.
View 1 Replies View RelatedI have a Samba share set up on a SUSE server and users connect to the share via Windows XP workstations. On SUSE, if I create a file and grant ownership to "administrator" and give it 770 permissions for example, when someone goes in to modify that file, they become the owner as soon as they save it, and the permissions change to 470 (r--rwx---+) with an access control list. I want to maintain ownership of the file myself and I don't understand why someone changing the file is changing the permissions on it...This is driving me insane because every time someone saves something I have to go in and chmod 770 it before they can save it again.
View 2 Replies View Relatedi am trying to set the file permissions for the log files "/var/log/Xorg.0.log" and "/var/log/gdm/:0.log". These files seem to be created when a user logs into a whokstation (my guess so far). I am trying to comply with a security mandate that all log files in the directory /var/log are set to 0640. The two mentioned files always seem to have the permissions 0644, does anyone know where and when these filea are created and how I might set the permissions when the files are created
View 1 Replies View Relatedhen i try to mount Cruzer Blade 16GB on Ubuntu Im told that "Unable to mount 16GB file system Not authorized.@
View 15 Replies View Related