
List:       evms-devel
Subject:    Re: [Evms-devel] encrypted root drive
From:       Jochen Radmacher <jradmacher () gmx ! de>
Date:       2004-10-28 2:17:28
Message-ID: 418056B8.7040906 () gmx ! de

Hi,
Robert J. Brown wrote:

>I am investigating the possibilities of creating a system where the
>*ENTIRE* /dev/hda drive is encrypted via the crypto-api thru a loop
>device.  [...]
>
Since kernel 2.6.4 (and earlier with patches) there is a crypto target for 
the device mapper:
http://www.saout.de/misc/dm-crypt/
A more advanced approach can be found here:
http://clemens.endorphin.org/LUKS
I have this running with evms below the cryptodevice. But it should also 
work below evms, if you can bring evms to look in /dev/mapper for devices.

>The idea here is laptop security (and some other applications
>also).  The box would boot from either a floppy, or better yet, a usb
>flash drive of the keychain fob type.  I already have a usb flash
>drive that I can boot from.  
>
>What I would like to do is have the initrd ramdisk image mount
>/dev/hda thru an aes-256 encrypted loop device, asking for the
>passphrase as part of the boot sequence.  I am still thinking about
>how to allow multiple users and have the password for the encryption
>be derived from a file on the usb flash drive together with the
>user-entered passphrase, and also the serial number of the flash drive
>and the serial number of the /dev/hda drive.  This would ensure that a
>given flashdrive would only work for a given user, and that the
>flashdrive could not be copied.  It would also enforce the security
>doctrine of "what you have and what you know".
>  
>
Why don't you use a boot partition? The kernel and the initrd image do 
not need to be secret. The key could be stored on the USB stick, 
smartcard or somewhere else.

>The question here is whether it is also reasonable to layer evms on
>top of the loop device encryption of the /dev/hda drive, so that the
>drive could be managed by evms after everything booted up.  I think
>such an approach would go a long way towards a laptop that could be
>used to store sensitive data, such as medically sensitive HIPAA
>regulated information, or company secrets, or whatever.
>
>I would need to write some scripts to create images for the usb flash
>drives, and of course a reasonable way to install a system onto such
>an encrypted system.  This would probably require the use of a special
>"installation" usb flash drive that would fetch other files over the
>network.
>  
>
I think the newer knoppix CDs have cryptsetup. So you could install your 
system somewhere else. Boot knoppix on your laptop and copy your files 
via network.

>It would also be nice to have a tool to allow converting an existing
>filesystem to the encrypted setup, but I view that as a secondary task
>right now.
>  
>
I haven't tried it yet, but "dd if=/dev/hda of=/dev/mapper/hda_crypt" 
should work, since the data is always read first from /dev/hda. But keep 
in mind: if you stop this process before it is finished, you'll have a 
big problem recovering your data.

Greets,
 Jochen
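
The key derivation described in the quoted text (a file on the flash drive, the user's passphrase, and the serial numbers of the flash drive and of /dev/hda), shown as an added example that is not part of the original message or of EVMS, dm-crypt or LUKS. The function names, the context label and the choice of scrypt are assumptions, and the sample values are constructed.

```python
import hashlib
import struct

DOMAIN = b"example-root-volume-v1"  # hypothetical context label, not from the thread


def _frame(*fields: bytes) -> bytes:
    """Length-prefix every field so ("AB", "C") and ("A", "BC") encode differently."""
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)


def derive_volume_key(passphrase: str, keyfile: bytes,
                      usb_serial: str, disk_serial: str) -> bytes:
    """Return a 32-byte (AES-256) key bound to all four inputs."""
    if not passphrase:
        raise ValueError("empty passphrase")
    if len(keyfile) < 32:
        raise ValueError("keyfile must hold at least 32 random bytes")
    # "What you have": the random keyfile is the secret part of the salt.
    # The serial numbers are readable by anyone holding the hardware, so they
    # only tie the key to one stick/disk pair; they add no secrecy themselves.
    salt = hashlib.sha256(
        _frame(DOMAIN, keyfile, usb_serial.encode(), disk_serial.encode())
    ).digest()
    # "What you know": scrypt makes each passphrase guess cost about 16 MiB of RAM.
    return hashlib.scrypt(passphrase.encode("utf-8"), salt=salt,
                          n=2**14, r=8, p=1, dklen=32)


if __name__ == "__main__":
    # Constructed sample values; a real keyfile would be filled from os.urandom().
    sample_keyfile = bytes(range(64))
    key = derive_volume_key("correct horse", sample_keyfile, "USB-0001", "HDA-1234")
    print(key.hex())
```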


