
Re: Disk encryption questions



On Mon, May 30, 2005 at 11:19:22AM +0100, Lee Braiden wrote:
} In an effort to secure my system without degrading performance too much,
} I've created an encrypted disk, then moved various directories onto that
} disk, with softlinks from the original disk to there.  So, for example, I
} have stuff like this:
} 
} /home ->  /crypted/home
} /var/mail -> /crypted/var/mail
} 
} My question is... is that safe to do?  Does the link compromise inode
} information about the encrypted disk, for instance?  I've never seen
} anyone mentioning this, but I don't think I've heard anything against it
} either, and it's a nice solution to implement.

Symbolic links only contain the path. There is no inode information
involved. This is not, however, the best way to deal with an encrypted
disk. I much prefer to put LVM on top of an encrypted loop device to
provide whatever partitions I need, and mount them in place rather than
having symlinks lying around.

} Also, currently, this encrypted disk asks for a password at boot time
} (I'm using loop-aes), and simply doesn't mount if the password is wrong.
} Is there some way to make the system fail to boot if aes-loop's password
} validation fails? Or, at least, how do I stop files being written under
} the mount point, if it's not actually mounted?  Can I just fully
} write-protect the mount point, and then have that overridden when a disk
} is mounted on top?

Linux kernel encryption is basically a loop on a block device. Since there
is no checksum involved, there is no good way to tell if the password is
correct or not from the perspective of the loop driver. What you probably
want to do is to write a script around it to create the loop (which
requests the password) and attempt to mount; if the mount fails, the loop
should be taken down and the process should be attempted again. I generally
prefer not to have this happen automatically at startup but, instead,
manually run a script after logging in as root.

} Finally, I'm using aes-loop because I read that dm-crypt has
} vulnerabilities over loop, and aes-loop is superior.  Is that still the
} case?

That I know nothing about.

} Thanks
} Lee.
--Greg
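
The wrapper script described in the reply above, as an added example that is not part of the original message. It assumes a loop-AES-patched `losetup` (which accepts `-e`); the device paths, mount point, cipher name and retry limit are placeholders.

```shell
#!/bin/sh
# Added example: all names below are placeholders, not from the original post.
BACKING_DEV="${BACKING_DEV:-/dev/sdX9}"   # placeholder: the encrypted partition
LOOP_DEV="${LOOP_DEV:-/dev/loop0}"
MOUNT_POINT="${MOUNT_POINT:-/crypted}"
CIPHER="${CIPHER:-AES128}"
MAX_TRIES="${MAX_TRIES:-3}"

# Attach the encrypted loop device; losetup prompts for the passphrase here.
attach_loop() { losetup -e "$CIPHER" "$LOOP_DEV" "$BACKING_DEV"; }

# The loop driver cannot tell a wrong passphrase from a right one, so a
# successful filesystem mount is the only validation available.
try_mount() { mount "$LOOP_DEV" "$MOUNT_POINT"; }

# Take the loop down again so the next attempt starts clean.
detach_loop() { losetup -d "$LOOP_DEV"; }

# Returns 0 once mounted, 1 when every attempt failed,
# 2 if the loop device could not be detached after a failed mount.
unlock_and_mount() {
    tries=0
    while [ "$tries" -lt "$MAX_TRIES" ]; do
        tries=$((tries + 1))
        if attach_loop; then
            if try_mount; then
                return 0
            fi
            echo "mount failed (attempt $tries), detaching $LOOP_DEV" >&2
            detach_loop || return 2
        fi
    done
    return 1
}

# Run manually as root after login: sh unlock.sh run
if [ "${1:-}" = "run" ]; then
    unlock_and_mount || { echo "giving up after $MAX_TRIES tries" >&2; exit 1; }
fi
```

A non-zero exit status lets a calling boot or login script stop before any service writes into the empty directory under the mount point.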


