Ubuntu Security :: Send A PGP Encrypted File - Support?
Jan 1, 2010
I want to send a PGP encrypted file to a friend who (unfortunately) probably doesn't even have any idea what PGP is. He runs Windows XP. I know I can encrypt and decrypt PGP files easily and freely on Ubuntu, but I have no idea about how to handle PGP in XP... I tried downloading a PGP file in an XP virtual machine to find out, and Windows was pretty much unable to identify the file type. What kind of software on Windows (that is completely free and trustworthy) would be able to decrypt my PGP files?
View 9 Replies
ADVERTISEMENT
Jan 5, 2010
I've just started using ubuntu one. However, some of the files I store on there are sensitive so I encrypt them using seahorse. Right click, encrypt etc etc. My question is, is there a way to automatically get the encrypt process to delete the un-encrypted file when it makes the new encrypted copy?
View 6 Replies
View Related
Mar 7, 2011
I installed Ubuntu 10.10 64 on my laptop with the entire 500gb setup as encrypted LVM. This has worked well for several months with no problems. During this time i have been backing up the data to an external usb drive (1tb) on a regular basis. The usb drive was not encrypted. So, I thought it would be a good idea to encrypt the backup drive too. I wiped out the backup drive and set it up as one large encrypted lvm and mbr. This seemed to work fine but immediately afterwards I decided to erase that and set it up as encrypted lvm guid instead of mbr. I couldn't delete it while logged into my desktop so i decided to do it from a bootable gparted usb stick. In gparted i erased the 1TB backup drive once again and planned on setting it up the way I wanted once I was logged back into my ubuntu desktop. Now I cant boot into my desktop with the following errors:
cryptsetup: evms_activate is not available b0d) does not begin with /dev/mapper/
Then after waiting for a few minutes I get an error followed by (initramfs)
When booting from a live version of ubuntu the 250MB boot patition is recognized and 500 partion is there but it is labeled as empty/unused.
Also, I did choose to use the exact same passphrase as what is used on the main bootable drive when I set up the encrypted partition on the external 1TB drive.
View 9 Replies
View Related
Sep 13, 2010
I am trying to setup a simple SMTP server to relay scanned documents from a Xerox machine to email addresses. Unfortunately the Xerox machine doesn't support TSL or SSL so sending mail over port 25 on gets blocked. I have setup postfix on a desktop running Fedora 13 and have been able to set it up to forward the mail onto the correct server (gmail for example). My question is, how do I get the server to encrypt the emails (scanned documents) when sending them over the internet?
I have tried adding:
Code:
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
But when I look at the wireshark capture of the sending I can read my test message in plain text.
View 2 Replies
View Related
Jan 8, 2010
I am trying to play some of my old dvds, they play in Windows 7, but I get the following using vlc in Fedora 12 (all software in up to date).
[jerry@bigbox Desktop]$ vlc dvd:///dev/sr0
VLC media player 1.0.4 Goldeneye
[0x93058b0] main libvlc: Running vlc with the default interface. Use 'cvlc' to use vlc without interface.
libdvdnav: Using dvdnav version 4.1.4
libdvdread: Encrypted DVD support unavailable.
libdvdnav: DVD Title: OKLAHM
libdvdnav: DVD Serial Number: 26654F88
libdvdnav: DVD Title (Alternative): OKLAHM
libdvdnav: Unable to find map file '/home/jerry/.dvdnav/OKLAHM.map'
libdvdnav: DVD disk reports itself with Region mask 0x00fe0000. Regions: 1
libdvdnav: Suspected RCE Region Protection!!!
libdvdnav: Suspected RCE Region Protection!!!
[0xb7300710] main input error: ES_OUT_RESET_PCR called
[0xb7300710] main input error: ES_OUT_RESET_PCR called
libdvdnav: Suspected RCE Region Protection!!!
[0xb7300710] main input error: ES_OUT_RESET_PCR called
[0xb7300710] main input error: ES_OUT_RESET_PCR called
I have a dual boot Win7/Fedora 12 laptop. I set the region to 1 on the windows side.
View 7 Replies
View Related
Sep 14, 2010
How can I send gpg encrypted mail automatically from the linux command line?
I'm a little stumped on this one, I've tried using mutt but it doesn't encrypt mail unless it's used interactively.
Does anyone know if you can use the build in mail command to do this some how?
View 1 Replies
View Related
Oct 12, 2009
Does grub2 support booting off of encrypted partitions? I'd like to have an encrypted linux system, but only have space for one partition or logical group in my mbr. Or can I include that one /boot partition in the lvm group.
View 8 Replies
View Related
Jan 20, 2011
in the middle of script, i need to send the output of (send command on line 8) to a file
#!/usr/bin/expect
spawn telnet 172.20.64.133
expect "ENTER USERNAM <"
[cod]....
i treid the below on line 8 :
1- send "show command;
" > logfile.txt : gives an error extra character after the "
2- logsave logfile.txt 'send "show command;
" ': error invalid command
3- i simply tried to send the output of the whole script to file logsave /home/logfile ./script : seems that logsave work under root only
4- ./script > logfile : the problem with this is that the output of echo or (read "enter your id") command will not be displayed on the screen (actually nothing will be displayed, i have to open the log file to see the output). is there any way to save the log of the "send" ? or to save the log of the complete script without hiding the output on the screen?
View 2 Replies
View Related
Feb 20, 2010
I managed to make an encrypted backup of my ubuntu box onto my server and was also able to restore it. I mainly followed this tutorial here. Altough everything worked fine I have two questions:What is that part for ? Quote: export PASSPHRASE=your_passphrase
Just for the fun of it, and to see how it would handle incremental backups I ran the backup command a second time and was, to my surprise, asked to provide my GpG password. Whys that? And how can I "auto-login", since I would like to run this command in a cron job.
View 5 Replies
View Related
Mar 15, 2010
During the installation of Ubuntu Karmic, I picked the option that encrypts my home directory.
A few questions:
(1) Shortly after installation, I was asked to run a command to print a key necessary for data recovery from a rescue CD. I didn't run it at the time and am now looking for the command to run. What is it?
(2) I think I read somewhere that this also encrypts swap. Great. Correct me if that's wrong.
(3) If I suspend the machine, is my home directory encrypted? That is, if I have this on a laptop and travel with the suspended laptop and someone steals it, are my data safe, or not?
(4) I assume the weakest point in the system is my relatively short login password (but I think the install tests it and found it okay). Is there a recommendation how long this should be?
View 3 Replies
View Related
Feb 21, 2011
i started on the "Installation & Upgrades" Forum. So this is basically a repost. I configured an encrypted swap during the installation process of my kubuntu maverick using the manual install CD. I do not use LVM. This worked fine but I made the mistake of assigning a password to the encrypted swap. I would like to change this in favor for a random key. I tried to change /etc/crypttab in the following way:
[code]...
Now the system still asks for a password for sda7_crypt at startup, but does not recognize the old password. It seems that the swap gets a random key and works fine anyway, so I really want to remove only the question for the PW at boot time. This is not a big issue, but it is annoying. When the system is up I can do swapoff and swapon without problems and no password is needed. Directly after boot swap works:
[code]...
View 1 Replies
View Related
Jan 3, 2010
I'm just wondering - what is the best way to set up your encrypted volumes with dm_crypt and LUKS?
My understanding was that aes-lrw ws better than aes-cbc - and then I stumble upon [url] which says that LRW has some problems, and XTS is better? I dont know enough about encryption theory to be able to say anything, so i'm hoping some folks more enlightened will be able to say something here.
I was previously using aes-lrw-benbi to set up a volume. If xts is truly better - should i be using '-c aes-xts-benbi' then?
View 4 Replies
View Related
Jan 31, 2010
There was a recent thread in this forum regarding capturing of SSH passwords via the use of wireshark. The thread subject was closed, which is a decision that I both agree with as well as agree with the reasoning behind. The thread, however, raised a point of curiosity and concern that I would like to ask about. Quoting from a the book, SSH, The definitive guide,
The client authenticates you to the remote computer's SSH server using an encrypted connection, meaning that your username and password are encrypted before they leave the local machine. The SSH server then logs you in, and your entire login session is encrypted as it travels between client and server. Because the encryption is transparent, you won't notice any differences between telnet and the telnet-like SSH client.
I was under the impression that SSH was impervious to this type of eavesdropping, and quite frankly I take great comfort in that idea. I personally, only allow RSA keys for SSH access and (hopefully) avoid this problem (?) as a result. Does SSH really have a vulnerability in that the authentication is sent via plain text? How to ensure the security of SSH and not on anything that could be considered a how to 'crack' it.
View 6 Replies
View Related
Feb 26, 2010
I'm an absolute beginner at encryption. gpg and keys still have me somewhat mystified, so please forgive me if the following seems like a stupid question. I'm looking at encryption software for my smartphone. I've found a Java program called TinyEncryptor that uses the TwoFish algorithm and claims to be a shell for the "Legion of the Bouncy Castle" libraries. It just uses a passphrase; there are no keys involved as far as I am aware.
Naturally, I would like to be able to decrypt files on my desktop that I've encrypted with this program. So far, I've not had any success with finding one.
View 3 Replies
View Related
Mar 9, 2010
I just installed 9.10 on my laptop and selected the option for home folder encryption. I am running DropBox and placed the DropBox folder on my desktop (meaning it should be encrypted when I am logged out.) So I have two questions:
1) Shouldn't this setup cause my DropBox files on the server to be encrypted? Apparently they are not because they appear as unencrypted text using the DropBox Web interface.
2) If they were encrypted on the server (which doesn't appear to be the case right now), how would it be possible to share them with another client unless the encryption on both clients were set up identically?
View 7 Replies
View Related
Apr 26, 2010
While setting up my laptop on a new hard drive (a bad mobo caused writes which pretty much rendered teh old hdd unusable) I was asked if I wanted to encrypt my home partition.
I've been wanting this for several years - even going as far as trying to get a copy of CheckPoint. That's waht my organization uses on all Wintendo laptops and is required.
In any case, I said "yes" and am happily using my laptop with an encrypted home partition. I'm assuming based on this - [URL] - that it is using EncryptFS as the scheme.
if I were to misplace my laptop, how easy would it be for a forensics team to retrieve my data. Let's assume I have a fairly strong passphrase, such as BisZumBitterenEnd3. [URL]
View 5 Replies
View Related
May 3, 2010
I had some major problems after the recent Ubuntu upgrade and had to boot from a live cd. I have a separate /home partition, but it was encrypted using the default install encryption in the 9.10 install cd. How can I get to my files so I can back them up?
I have tried this but it did not work: http://ubuntuforums.org/showthread.php?t=1337693
View 9 Replies
View Related
Jun 11, 2010
I'm using 10.04 with encrypted home dir. I think the behavior below is wrong:
I can log in as root and change user's password. After that the user can log in using new password, which is normal, but it can also decrypt its home dir using the new password, which is dangerous. Assume I lost my computer. This encrypted home dir will not protect my private data because whoever gets the computer can boot it up with a livecd and chroot to change my user's password and then boot up my system and log in using new password.
View 3 Replies
View Related
Jul 19, 2010
Let's begin from the top. I have a relatively new laptop that I've been running Ubuntu on (along with a little-used Windows boot). Picked it up in November or so, installed the current "latest" version of Ubuntu at the time (9.10). I have been doing incremental upgrades, and it's been progressively breaking down more and more. Yes, this includes 10.04.
After GRUB stopped working, I decided it was time to try a reinstall from the top. I told it to leave all the other operating systems alone and do a full reinstall.
Fortunately, I had managed to stuff most of my current work in duplicate locations during this whole debacle, somehow. Don't ask me how I managed to do that when GRUB wasn't working. However, when I installed, I conscientiously said "Oh, yes, Ubuntu, encrypt my home folder! I love privacy!" As a result, about... 30 gigabytes of useful (but ultimately re-downloadable) material is rather inaccessible at the moment. When I try to boot the old system using the newly fixed GRUB, it goes into kernel panic. This seems like a no-go.
I have a saved hojillion-character long passphrase for decryption from my install back in November. Conscientiously saved in the case of just such an emergency.
I read this how-to and followed it to the letter as far as I could tell, trying to mount with ecrytfs to recover my data.
[USERNAME] here is a proxy for my actual username. Yes, the location of my old home folder may seem a little bizarre.
Code:
sudo mount -t ecryptfs /media/c82ca9fe-2b15-4aca-a98d-6482b1d80a32/home/[USERNAME]/ /home/[USERNAME]/oldhome
Passphrase:
Select cipher:
1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
[Code].....
View 9 Replies
View Related
Nov 13, 2010
I've just reinstalled my box with an encrypted home (used the encrypt home option when installing). I have a query in this regard - suppose I lose the box. Won't it be possible for someone to drop into root, reset my passwd and then access my /home. Is there anyway of having a different passwd for accessing /home? My ~ is on a different partition from /.
View 3 Replies
View Related
Apr 8, 2011
I have to operating systems installed, Ubuntu 10.10 and Windows 7, working perfectly. I also have a partition, currently empty, to be shared between both OS, but I would like that partition to be encrypted.
View 2 Replies
View Related
Apr 25, 2011
I'm running Thunderbird with Enigmail, and I have this very annoying problem. When I open an encrypted email for the first time, it asks me for my key password. It then remembers my password. This is fine for a few minutes, since I don't want to enter the password every time if I look at seven emails in five minutes. However, I WOULD like it to EVENTUALLY forget. At the moment, it doesn't even forget if I shut off Thunderbird. I have to restart my computer, in fact.
The preferences for Enigmail don't help. I've configured it to remember the password for 0 minutes, for example. I don't know how to edit the preferences for gpg-agent or anything else like that.
View 2 Replies
View Related
Jan 25, 2011
I want to install Ubuntu 10.04 in my USB flash drive and boot from it because in my working place, only centos is installed in workstations.In advance, I thought of encrypting the installation of Ubuntu in the USB flash drive and In would be very thankfull if some can give me some help regarding this.Basically what I need is, encrypted Ubuntu installation in my usb fashdrive and can boot from it.
View 2 Replies
View Related
Feb 22, 2010
I'm trying to have a LUKS encrypted partition mounted at startup and to have GDM ask for my key so it will decrypt. Now I followed [URL] to the letter. Except for now, I have it just mounted into /mnt/cryptohome so I'm not messing with my system. My problem is the one everyone mentions in the comments, ubuntu isn't asking for the LUKS key in the X display, it's asking in the first terminal (Ctrl-Alt-F1). This will not do. I need it to ask to mount my drive before I'm even asked to login, so eventually I can encrypt my /home.
View 9 Replies
View Related
Feb 25, 2010
I have recently recovered from an HDD failure on my Drobo. One of the disks died and corrupted the entire array (which is not supposed to happen). I have since managed to copy the data off onto smaller disks and after replacing the failed drive, have copied everything back.
Now that im up and running again, i was wondering how this situation would play out on encrypted disks, or in the case of a drobo a large encrypted partition (as you cannot encrypt the entire array).
Would i still be able to recover the data if i were to encrypt it? It is a 4.2TB array, and i assume that I would need to copy the data in its entirety to recover it, so using multiple smaller disks would be out of the question right?
View 5 Replies
View Related
Mar 10, 2010
When I first installed 9.04 (from scratch), I chose the option to have my entire account encrypted... I used the same password as my login password, and wrote down the key hash that it displayed for me just like instructed... everything was working terrific...Well, yesterday, I wanted to change my account password. I changed my account password, and it took effect immediately (I tested it by using "sudo -s" to see if I could elevate to root from the terminal... worked just fine). Being satisfied with my new password, I shut my computer down...
The next time I started it up and tried to log in to my account, it I put in my username and password and pressed enter, and it accepted it just fine, and started to boot to my desktop... it then immediately prompted me with something about "your session lasted less than 10 seconds, try starting in failsafe mode" or something along those lines, and immediately booted me out and back to the gdm login screen... I thought it was just a glitch so I tried again... same thing... gave me the "less than 10 seconds" prompt and booted me back to the gdm...
I thought maybe my filesystem became corrupted, but I didn't give up... I attempted to login to my fiancee's account, and it worked just fine! Using her account, I was able to quickly and safely boot into her desktop environment with no errors...I opened a terminal and used the "su" command to access my account... When I did this, it gave me some kind of error and told me to run ecryptfs (can't remember exactly which command... now). I ran ecryptfs and put in my NEW password... it told me that the passphrase was incorrect. So just out of curiosity, I ran it again, and this time put in my OLD passphrase, and it worked immediately! At this point, I realized that my gdm login password got changed, but my ecryptfs passphrase did not, and the two were not matching up (I assume that on login, gdm passes this password on to ecryptfs, and that when the two did not match up, it was booting me out with the whole "session lasted less than 10 seconds" prompt...)...
So what I did at this point was, while logged into my girlfriend's account, I "su"'d into my account, and used the passwd command to change my password back to my OLD password... once the password was changed back successfully, I restarted my computer and tried to log into my account from the gdm... worked perfectly this time with the old (original) password...When you change your session password, shouldn't it automatically change the encyrption password to match? Or at the very least, warn you that if your account is encrypted, you must take further steps to make these two passphrases match? Also, what command would I use to change my "ecryptfs" password to manually match my session password?
View 4 Replies
View Related
Apr 11, 2010
What are the steps I must take to move my existing home folder to a separate, encrypted partition? Can I create this partition without damaging my current partition? Where is a trusted location to download App Armor profiles? What else can I do to harden the security of Ubuntu?
View 1 Replies
View Related
May 14, 2010
After trying Truecrypt, LUKS, and Ecryptfs I decided to try NTFS encryption. Now, on a dual boot computer from Ubuntu I can browse the encrypted folders but can not open the encrypted files. All attempts produce access denials yet the Unix file permissions appear to be "0777" (owner, group, and world readable-writable).
Is there someway to get Ubuntu's NTFS software to recognize and decrypt the encrypted files? Would a different NTFS package work such as NTFS-3g?
View 2 Replies
View Related
Jul 20, 2010
I want to carry Ubuntu with me everywhere on a LiveUSB but I want to encrypt the home with a strong passphrase in case it is lost or stolen. How do I do that?
View 1 Replies
View Related
Aug 28, 2010
I would just like to know how to, and know if its secure to run the following programs WHILE LOGGED OUT of Ubuntu: openvpn, deluge, and if it can be securely done while the home directory is encrypted.
View 6 Replies
View Related
