Bulding the crypto partition

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Crypto list members:

        Here is what I did to create my crypto partition, anyone have any
recommendations?

a) dd if=/dev/urandom of=/dev/hda3 bs=524288
b) losetup /dev/loop0 /dev/hda3
c) losetup -e aes -k 256 /dev/loop1 /dev/loop0
d) entered my pass phrase
e) mkreiserfs /dev/loop1
f) mount /dev/loop1 /home

I am not sure that this is the best way for me to do my encryption. I would
like to be able to a "dd" backup of the entire partition, but, if doing so
would foul the encrypted partition on restore, I am prepared to create a
file (the same size as the /dev/hda3 partition), and do the encryption into
the file. Can I do a "dd" backup the way I set it up above?

        Currently I backup by doing:

        hdparm -d1 -c3 -m16 -X66 -k1 /dev/hda
        hdparm -d1 -c3 -m16 -X66 -k1 /dev/hdc
dd if=/dev/hda of=/dev/hdc bs=524288

/dev/hda1 19GB W2K
/dev/hda2   3GB Linux (root partition)
/dev/hda3   7GB Linux (/home)

        IBM 32GB 2.5" HD


Questions, predicated on steps a-f above:

a) If I wish to change the pass phrase I choose above, what must I do?
b) How do I automatically mount the partition when I boot up now?
c) When (in the boot up process) will it ask me for the pass phrase when I
am booting up?
d) Automated boot up (eventually) would be something I would like, so, how
difficult will it be for me to interface reading the pass phrase off a USB
"token" plugged into the back of the system, and passing that pass phrase to
the Crypto API?
e) Would it be hard to modify the Crypto API to get the pass phrase from a
hardware device (haven't look at the crypto API source as yet)?

If someone provides a concise set of rules, I will write a software to
generate pass phrases at random.


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
VTU 1904G (Volunteer Training Unit)
stuart@xxxxxxxxxxx
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Monday, July 09, 2001 2:24 AM


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux