Re: Linux distro w/loop-aes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



* Peter_22@xxxxxx wrote:

> markus reichelt <ml@xxxxxxxxxxxxx> wrote:
> > > As you asked for an USB-bootable solution I advise you to follow
> > > example 7.7 from loop-aes readme. This works even with SuSE and you
> > > can encrypt every bit of data on you drives. No bootpartition and
> > > no partition table will remain. Up to now I haven?t seen an
> > > installer that supports encrypted installations.
> > 
> > The beauty of that example is that it can be used also on
> > non-ecrypted root partitions... the system will just boot. Great to
> > test one's setup before actually encrypting root via aespipe.
> > 
> > And about that tweaked installer ... I discussed the issue with a
> > fellow slackware user some time ago. It's most certainly doable, but
> > right now I just lack the time to pursue that project. 

Change of status, I'm currently working on it. 

 
> Aespipe is a good hint! When you lose your USB-Stick or think of a
> key-change for existing encrypted partitions, how do you do that?

Depends on the extent of "losing the key". 

a) key is lost as in utterly destroyed
b) key is lost as in falls into false hands


Regarding a), I would continue to use the same key from the backup
CD-ROM I created during install.

Scenario b) is a totally different story. It boils down to the last
defense of having chosen a long and sufficiently secure password to
protect the key. But with my paranoia level I would create a new key
and dump the old one.

I would not necessarily use aespipe in order to achieve a smooth
transition to the new setup:


> Aespipe pipes data from one partition to the same. It works fine
> unless the PC hangs. It would be fine to have a script that makes
> aespipe use 2 partitions. One for the encrypted data and a small
> one to backup chunks of the ongoing re-encryption. Let?s say a
> partition with 300 GB data is chosen to be re-encrypted with a new
> keyfile. At present aespipe is given both keyfiles and two loops
> are set up to read the data from one loop, pipe it through the
> program and back to the second loop. If the PC get?s stuck in this
> process 300 GB of data are lost. To prevent this, the 300 GB are to
> be segmented into 100 MB chunks and the above process is done
> again. This time with a second partition to store a temporary 100
> MB file and an index file that keeps the record of the loop?s
> offset and size for the actual chunk. In case of a crash the
> temporary chunk can be replayed and the index file provides the
> information on where to replace the data and how to continue the
> re-encryption process. Data protected against crashs, mission
> accomplished. A person with good knowledge in linux shell scripting
> might write this tool in a few hours.

I disagree. It is possible, as you describe, but it lacks
flexibility aka have plan B ready.

Never ever work without a backup. And keeping the example of using a
new key in mind, the whole process would not rely on stability during
the aespipe run. Maybe one wants to change the cipher too, f.e.
migrate from AES to Serpent...

So I would create a backup of the data on an encrypted partition (be
it a partition image in a file via dd or a filesystem clone via tar),
then copy the data back to the new setup. aespipe is convenient, yes,
but I only use it where absolutely necessary / for testing purposes,
for the known examples of using aespipe on the very same parition are
of a wire-dancer nature.

-- 
left blank, right bald

Attachment: pgpTGUakv9kjL.pgp
Description: PGP signature


[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux