gferg 2003-12-19 02:51:24 +00:00
parent efa489f1ea
commit 9a914765c8
5 changed files with 84 additions and 65 deletions


@ -15,9 +15,18 @@
</affiliation>
</author>
<pubdate>2003-10-09</pubdate>
<pubdate>2003-12-18</pubdate>
<revhistory>
<revision>
<revnumber>1.3</revnumber>
<date>2003-12-18</date>
<authorinitials>DB</authorinitials>
<revremark>added link to Diceware</revremark>
</revision>
<revision>
<revnumber>1.2</revnumber>
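Review bot: the revremark for revision 1.3 says only "added link to Diceware", but this commit also renames section ids, moves the losetup offset warning into the Whole Disk section and rewrites the ldd step. Suggest widening the remark, for example "added link to Diceware; reworked multiple-partition warning and ldd step; renamed section ids", so the revision history reflects what readers will see changed.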
@ -70,7 +79,7 @@
</copyright>
</articleinfo>
<sect1 id="intro">
<sect1 id="Introduction">
<title>Introduction</title>
<para>I&#39;ve got <ulink url="http://www.handhelds.org/z/wiki/HPTc1000">a
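Review bot: changing id="intro" to id="Introduction" here (and likewise copyright, disclaimer, feedback, Threat_Model, Asset, Testing_and_Backup and Rescue_Disk further down) alters ids that were already published. If the HTML build derives chunk filenames or anchors from section ids, existing links and bookmarks to those sections stop resolving. Consider keeping the old ids on sections that already had one and giving new CamelCase ids only to the sections that had none.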
@ -127,7 +136,7 @@
url="http://www.tldp.org/HOWTO/Multi-Disk-HOWTO.html">partitioning,
mounting, and unmounting disks</ulink>).</para>
<sect2>
<sect2 id="TechnicalSummary">
<title>Technical Summary</title>
<para>The encryption is implemented through a special kind of
@ -152,7 +161,7 @@
<literal>losetup</literal> is 2GB.</para>
</sect2>
<sect2 id="copyright">
<sect2 id="CopyrightAndLicense">
<title>Copyright and License</title>
<para>Permission is granted to copy, distribute and/or modify this
@ -165,7 +174,7 @@
Linus Torvalds.</trademark></para>
</sect2>
<sect2 id="disclaimer">
<sect2 id="Disclaimer">
<title>Disclaimer</title>
<para>No liability for the contents of this document can be accepted.
@ -188,7 +197,7 @@
production system.</para>
</sect2>
<sect2>
<sect2 id="Acknowledgments">
<title>Acknowledgments</title>
<para>Thanks to Linus Torvalds, Jari Ruusu, and all the developers who
@ -207,14 +216,14 @@
critique my writing and offer suggestions.</para>
</sect2>
<sect2 id="feedback">
<sect2 id="Feedback">
<title>Feedback</title>
<para>Feedback is solicited for this document. Please send additions,
comments, and criticisms to the author.</para>
</sect2>
<sect2>
<sect2 id="Approaches">
<title>Approaches</title>
<para>There are three different approaches we can take to encrypt the
@ -234,23 +243,6 @@
keychain instead of the key because we can store lots of keys, each for
different computers, on the same medium.</para>
<warning>
<para>In the whole disk and partition approaches, we create one swap
space and one root file system. Some people want more than a single
encrypted partition for the root file system. Unfortunately, the
method detailed here relies on the offset parameter of
<literal>losetup</literal> to create &#34;subpartitions&#34; within
the asset. The offset parameter is limited to a maximum value of 2GB,
limiting the size of all but the last partition to 2GB. This works
nicely for swap, which is already limited to 2GB on the i386
architecture, but I&#39;m guessing it won&#39;t be practical for other
uses. Using it to create multiple partitions smaller than 2GB is left
as an exercise for the reader. If multiple encrypted partitions larger
than 2GB is important to you then I recommend you wait for the release
of Linux 2.6, which will make the use of the offset parameter
unnecessary.</para>
</warning>
<sect3>
<title>Whole Disk</title>
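Review bot: the removed warning opened with "In the whole disk and partition approaches", while the version re-added in the next hunk sits inside the Whole Disk sect3 and opens with "In this approach". Unless the Partition section carries its own copy (not visible in this diff), readers taking the partition approach no longer see the 2GB losetup offset limit. Suggest leaving the warning at the Approaches level or repeating a short form of it under Partition.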
@ -265,6 +257,22 @@
as large as practical. By putting the encryption fence around your
whole hard disk, you won&#39;t have to worry about data becoming
unprotected if it jumps to another part of the disk.</para>
<warning>
<para>In this approach, we create one swap
space and one root file system. Some people want more than a single
encrypted partition for the root file system. Unfortunately, the
method detailed here relies on the offset parameter of
<literal>losetup</literal> to create &#34;subpartitions&#34; within
the asset. The offset parameter is limited to a maximum value of 2GB,
limiting the size of all but the last partition to 2GB. This works
nicely for swap, which is already limited to 2GB on the i386
architecture, but I&#39;m guessing it won&#39;t be practical for other
uses. Using it to create multiple partitions smaller than 2GB is left
as an exercise for the reader.</para>
<para>Another way to handle multiple partitions is to encrypt each partition separately (using the same key) to avoid the technical limitation above. This isn't secure as encrypting the whole disk because the partition table is exposed. When an attacker attempts to break encryption, the first thing he does is try to figure out what it's encrypting. A partition table listing Linux partitions is a big hint. For this reason I discourage encrypting multiple partitions separately, but arguably it's a good compromise for getting around the current <literal>losetup</literal> limitation. Another option is simply to wait for the release of Linux 2.6 because it is expected to make the offset parameter unnecessary.</para>
</warning>
</sect3>
<sect3>
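Review bot: in the second para of the new warning, "This isn't secure as encrypting the whole disk" is missing a word and should read "This isn't as secure as encrypting the whole disk". The same para uses literal apostrophes (isn't, it's) where the rest of the file writes &#39;, and it is a single unwrapped line while the surrounding text is wrapped. It also says to encrypt each partition "using the same key" without giving a reason; one sentence of rationale would help.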
@ -298,12 +306,12 @@
you can probably get away with just reading the fine
<literal><ulink url="http://loop-aes.sourceforge.net/loop-AES.README">README</ulink></literal>
that comes with <ulink url="http://sourceforge.net/projects/loop-aes/">loop-AES</ulink>.
If you do, be sure to read <xref linkend="Threat_Model" /> before you
If you do, be sure to read <xref linkend="ThreatModel" /> before you
finish here.</para>
</sect3>
</sect2>
<sect2 id="Threat_Model">
<sect2 id="ThreatModel">
<title>Threat Model</title>
<para>In order to protect our asset well, we must first understand what
@ -490,7 +498,7 @@
</glosslist>
</sect2>
<sect2>
<sect2 id="Caveats">
<title>Caveats</title>
<para><itemizedlist><listitem><para>This method won&#39;t work (yet)
@ -499,12 +507,12 @@
undoubtedly slow it down. I don&#39;t know by how much. If anyone has
done some benchmarks, please send them to me.</para></listitem><listitem><para>There
is nothing in this method to support <glossterm>plausible deniability</glossterm>
(see <xref linkend="Threat_Model" />).</para></listitem><listitem><para>It
(see <xref linkend="ThreatModel" />).</para></listitem><listitem><para>It
won&#39;t prevent information leaks via networks and removable disks.</para></listitem><listitem><para>Encrypting
backups is beyond the scope of this HOWTO.</para></listitem></itemizedlist></para>
</sect2>
<sect2>
<sect2 id="Requirements">
<title>Requirements</title>
<itemizedlist>
@ -595,7 +603,7 @@
</sect3>
</sect2>
<sect2>
<sect2 id="LookingToTheFuture">
<title>Looking to the Future</title>
<para>The method described here is specific to the 2.4 kernel for two
@ -613,7 +621,7 @@
</sect2>
</sect1>
<sect1>
<sect1 id="Procedure">
<title>Procedure</title>
<para>This method is designed to erase the contents of the asset before
@ -636,12 +644,12 @@
keychain and the asset on the same computer, but this needn&#39;t be the
case. Adapt the instructions to whatever&#39;s convenient for you.</para>
<sect2>
<sect2 id="PrepareTheKeychain">
<title>Prepare the Keychain</title>
<para>If you&#39;re taking the approach of encrypting only a file
instead of a disk or a partition, you may skip this section and proceed
directly to <xref linkend="Asset" />.</para>
directly to <xref linkend="PrepareTheAsset"/>.</para>
<para>In the ideal setup you will use a bootable keychain device, such
as a <glossterm>USB flash drive</glossterm> or a business card size
@ -660,7 +668,7 @@
<para>The first step&mdash;zeroing out the keychain&mdash;is technically
unnecessary, but it will make the keychain backup smaller if you back
it up as an image as I suggest in <xref linkend="Testing_and_Backup"/>.</para>
it up as an image as I suggest in <xref linkend="TestingAndBackup"/>.</para>
<blockquote>
<screen><prompt>bash# </prompt><userinput>dd if=/dev/zero of=/dev/sda</userinput></screen>
@ -809,7 +817,7 @@ means the initrd will have to stay mounted while the asset is mounted (not a big
<para>Create the minimal set of devices we&#39;ll need. Note that
<filename>tty</filename> is necessary for the password prompt. This
command assumes your asset is the drive /dev/<filename>hda</filename>.
command assumes your asset is the drive <filename>/dev/hda</filename>.
Change it as appropriate.</para>
<blockquote>
@ -834,20 +842,34 @@ means the initrd will have to stay mounted while the asset is mounted (not a big
<prompt>bash# </prompt><userinput>cp /usr/sbin/chroot usr/sbin</userinput></screen>
</blockquote>
<para>Now copy over the shared libraries they depend on.</para>
<para>Use <literal>ldd</literal> to find out which shared libraries are
used by each program:</para>
<tip>
<para>Here&#39;s a neat trick to find out which shared libraries are
used by a program (<literal>/bin/sh</literal> in this example):</para>
<screen><prompt>bash# </prompt><userinput>ldd /bin/sh</userinput>
<computeroutput> libncurses.so.5 =&#62; /lib/libncurses.so.5 (0x40020000)
<blockquote><screen>
<prompt>bash# </prompt><userinput>ldd /bin/{mount,sh,umount} /sbin/{losetup,pivot_root} /usr/sbin/chroot</userinput>
<computeroutput>/bin/mount:
libc.so.6 =&#62; /lib/libc.so.6 (0x40023000)
/lib/ld-linux.so.2 =&#62; /lib/ld-linux.so.2 (0x40000000)
/bin/sh:
libncurses.so.5 =&#62; /lib/libncurses.so.5 (0x40020000)
libdl.so.2 =&#62; /lib/libdl.so.2 (0x4005c000)
libc.so.6 =&#62; /lib/libc.so.6 (0x4005f000)
/lib/ld-linux.so.2 =&#62; /lib/ld-linux.so.2 (0x40000000)</computeroutput></screen>
</tip>
/lib/ld-linux.so.2 =&#62; /lib/ld-linux.so.2 (0x40000000)
/bin/umount:
libc.so.6 =&#62; /lib/libc.so.6 (0x40023000)
/lib/ld-linux.so.2 =&#62; /lib/ld-linux.so.2 (0x40000000)
/sbin/losetup:
libc.so.6 =&#62; /lib/libc.so.6 (0x40023000)
/lib/ld-linux.so.2 =&#62; /lib/ld-linux.so.2 (0x40000000)
/sbin/pivot_root:
libc.so.6 =&#62; /lib/libc.so.6 (0x40023000)
/lib/ld-linux.so.2 =&#62; /lib/ld-linux.so.2 (0x40000000)
/usr/sbin/chroot:
libc.so.6 =&#62; /lib/libc.so.6 (0x40023000)
/lib/ld-linux.so.2 =&#62; /lib/ld-linux.so.2 (0x40000000)</computeroutput>
</screen></blockquote>
<para>Copy the libraries:</para>
<para>Copy the libraries. On my system I copied these libraries (yours may be different):</para>
<blockquote>
<screen><prompt>bash# </prompt><userinput>cp /lib/{ld-linux.so.2,libc.so.6,libdl.so.2,libncurses.so.5} lib</userinput></screen>
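Review bot: the new sentence says "yours may be different", yet the cp command that follows still lists four fixed libraries, so a reader whose ldd output shows other libraries gets no instruction and may build an initrd whose programs fail to load at boot. Suggest stating that every library path printed by ldd must be copied into lib. Separately, the new screen element starts with a line break before the prompt and ends with one before its closing tag; the other screens in this file start their content right after the tag, and in a verbatim element those breaks render as blank lines.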
@ -855,7 +877,7 @@ means the initrd will have to stay mounted while the asset is mounted (not a big
</sect3>
</sect2>
<sect2 id="Asset">
<sect2 id="PrepareTheAsset">
<title>Prepare the Asset</title>
<para>It&#39;s possible to repeat these steps as many times as you want
@ -932,8 +954,7 @@ means the initrd will have to stay mounted while the asset is mounted (not a big
</blockquote>
<para>Set up the loopback device using the seed. This is where you
choose your passphrase. Choose one with care that you know you won&#39;t
forget. The minimum length is 20 characters.</para>
choose your passphrase, which must be at least 20 characters in length. Choose one with care that you know you won&#39;t forget. You may want to use the <ulink url="http://world.std.com/~reinhold/diceware.html">Diceware method</ulink> for choosing a secure passphrase.</para>
<blockquote>
<screen><prompt>bash# </prompt><userinput>losetup -e AES128 -C 100 -S <replaceable>&#60;seed&#62;</replaceable> -T /dev/loop1 keys</userinput></screen>
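Review bot: the Diceware link is added in the same para that sets the 20-character minimum, but nothing says how the two relate, so a reader cannot tell how many Diceware words are needed to satisfy the minimum. Suggest adding a word count or a sentence tying the method to the 20-character rule. The new text is also one long line where the lines it replaces were wrapped.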
@ -1147,7 +1168,7 @@ mount -n -t $ROOT_TYPE /dev/loop1 $MOUNT</programlisting>
</figure>
<para>If you&#39;re encrypting only a file, skip to <xref
linkend="Testing_and_Backup" />. Otherwise, save the following boot
linkend="TestingAndBackup" />. Otherwise, save the following boot
script as <filename>linuxrc</filename> and place it in
<filename>/tmp/initrd</filename>.</para>
@ -1177,7 +1198,7 @@ exec chroot . /sbin/init $* &#60;dev/console &#62;dev/console 2&#62;&#38;1</prog
<para>You now have an empty, encrypted file system. Hurray!</para>
</sect2>
<sect2 id="Testing_and_Backup">
<sect2 id="TestingAndBackup">
<title>Testing and Backup</title>
<para>Test your system by booting the keychain or executing the <xref
@ -1204,7 +1225,7 @@ exec chroot . /sbin/init $* &#60;dev/console &#62;dev/console 2&#62;&#38;1</prog
back at this point because you&#39;ve finished.</para>
</sect2>
<sect2 id="Rescue_Disk">
<sect2 id="RescueDisk">
<title>Rescue Disk</title>
<para>Rescue disks are useful when a system isn&#39;t behaving properly
@ -1236,7 +1257,7 @@ exec chroot . /sbin/init $* &#60;dev/console &#62;dev/console 2&#62;&#38;1</prog
specified in <xref linkend="decrypt.sh" />.</para>
</sect2>
<sect2>
<sect2 id="InstallingLinux">
<title>Installing Linux</title>
<para>Your final task is to install Linux to your new encrypted file system. As you do this make sure the entries in your <filename>/etc/fstab</filename> for the root and swap look like those below:</para>
@ -1262,7 +1283,7 @@ exec chroot . /sbin/init $* &#60;dev/console &#62;dev/console 2&#62;&#38;1</prog
<orderedlist>
<listitem>
<para>Boot from a rescue disk by following the instructions in <xref linkend="Rescue_Disk"/>.</para>
<para>Boot from a rescue disk by following the instructions in <xref linkend="RescueDisk"/>.</para>
</listitem>
<listitem>
@ -1278,7 +1299,7 @@ exec chroot . /sbin/init $* &#60;dev/console &#62;dev/console 2&#62;&#38;1</prog
<orderedlist>
<listitem>
<para>Boot from a rescue disk (Gentoo's Live CD 1.4 won't work) by following the instructions in <xref linkend="Rescue_Disk"/>.</para>
<para>Boot from a rescue disk (Gentoo's Live CD 1.4 won't work) by following the instructions in <xref linkend="RescueDisk"/>.</para>
</listitem>
<listitem>
@ -1310,7 +1331,7 @@ exec chroot . /sbin/init $* &#60;dev/console &#62;dev/console 2&#62;&#38;1</prog
</sect2>
</sect1>
<sect1>
<sect1 id="MoreInformation">
<title>More Information</title>
<itemizedlist>
@ -1323,10 +1344,8 @@ exec chroot . /sbin/init $* &#60;dev/console &#62;dev/console 2&#62;&#38;1</prog
</listitem>
<listitem>
<para>The <ulink
url="http://linuxfromscratch.org/hints/downloads/files/OLD/cryptoapi.txt">Encrypted
Filesystem Howto</ulink> describes encrypting the root file system
without an external keychain.</para>
<para><ulink
url="http://www.tldp.org/HOWTO/Encrypted-Root-Filesystem-HOWTO/">Encrypted Root Filesystem HOWTO</ulink></para>
</listitem>
<listitem>
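Review bot: the new list item is a bare link, while the entry it replaces explained what the linked document covers ("describes encrypting the root file system without an external keychain"). Suggest keeping a one-sentence description of how the Encrypted Root Filesystem HOWTO differs from this document, and confirming that dropping the cryptoapi.txt link is intended rather than a side effect of the replacement.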
@ -1335,7 +1354,7 @@ exec chroot . /sbin/init $* &#60;dev/console &#62;dev/console 2&#62;&#38;1</prog
</itemizedlist>
</sect1>
<glossary>
<glossary id="Glossary">
<title>Glossary</title>
<glossentry>


@ -556,7 +556,7 @@ a DSL network connection. </Para>
Disk-Encryption-HOWTO</ULink>,
<CiteTitle>Disk Encryption HOWTO</CiteTitle>
</Para><Para>
<CiteTitle>Updated: Oct 2003</CiteTitle>.
<CiteTitle>Updated: Dec 2003</CiteTitle>.
A method is described for encrypting a hard disk,
either in whole or in part, with the encryption key stored
on an external medium for increased security. </Para>


@ -1056,7 +1056,7 @@ Shows some typical scenarios for easy start using Diald.
Disk-Encryption-HOWTO</ULink>,
<CiteTitle>Disk Encryption HOWTO</CiteTitle>
</Para><Para>
<CiteTitle>Updated: Oct 2003</CiteTitle>.
<CiteTitle>Updated: Dec 2003</CiteTitle>.
A method is described for encrypting a hard disk,
either in whole or in part, with the encryption key stored
on an external medium for increased security. </Para>


@ -802,7 +802,7 @@ and configuration information. </Para>
Disk-Encryption-HOWTO</ULink>,
<CiteTitle>Disk Encryption HOWTO</CiteTitle>
</Para><Para>
<CiteTitle>Updated: Oct 2003</CiteTitle>.
<CiteTitle>Updated: Dec 2003</CiteTitle>.
A method is described for encrypting a hard disk,
either in whole or in part, with the encryption key stored
on an external medium for increased security. </Para>


@ -791,7 +791,7 @@ About filesystems and accessing filesystems. </Para>
Disk-Encryption-HOWTO</ULink>,
<CiteTitle>Disk Encryption HOWTO</CiteTitle>
</Para><Para>
<CiteTitle>Updated: Oct 2003</CiteTitle>.
<CiteTitle>Updated: Dec 2003</CiteTitle>.
A method is described for encrypting a hard disk,
either in whole or in part, with the encryption key stored
on an external medium for increased security. </Para>