Almost two months ago Nils Philippsen started a thread about disk encryption in Fedora Core. I wanted to make some comments about the progress that has been made and the things that still need to be done. First, it was determined that the lowest hanging fruit was adding support for encrypted swap. This is generally a prerequisite for disk encryption (note that it is possible that Apple didn't get this right[1]). Russell Coker found a nice script from the Debian folks that can be installed in /etc/init.d and used for initializing encrypted swap. A new configuration file, /etc/crypttab, determines how disks are encrypted. [2] is a Bugzilla bug that tracks encrypted swap and includes a link to the cryptdisk script and instructions. Currently the ordering of events needs some work. The cryptdisk initializes encrypted swap after rc.sysinit but rc.sysinit executes ``swapon -a'' before the cryptdisk script runs. Another goal is to add support to Fedora Core for an encrypted root device. In order to do this, mkinitrd must support creating an initrd that can unlock the root filesystem. [3] contains a patch for mkinitrd that does this. Thanks to comments from Russell Coker, the patch now supports booting off a removable disk (only the kernel and initrd reside on the removable disk -- the encrypted root does not need to be removable). The mkinitrd patch also receives it configuration from /etc/crypttab. The encrypted root patch at [3] requires that cryptsetup be statically linked. [4] provides a patch to the cryptsetup RPM specification that does this. Finally, [5] contains some notes about and a link to a patch for util-linux that adds dm-crypt support to mount. This allows one to use the standard mount interface instead of the specialized cryptsetup command to mount dm-crypt volumes. The patch works, but depends on an unreleased cryptsetup 0.2. The author of the patch has not stated if he is going to continue to maintain the patch. The author of util-linux has concerns about loop-aes vs. cryptoloop vs. dm-crypt that must be addressed before he accepts the patch. If you are interested in the util-linux patch, let me know and I will fill you in. Otherwise, this fruit seems out of reach for now. Some progress has been made in implementing encrypted swap and root support in Fedora Core. Other than the requirements noted above, there is still the need for documentation. I plan on writing up some instructions as well a rudimentary attack tree for all of this. Happy hacking! [1] http://www.securityfocus.com/archive/1/367116/2004-06-21/2004-06-27/0 [2] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127378 [3] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124789 [4] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129926 [5] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=56698 -- Mike :wq
