Re: Linux disk partition encryption
Thanks everyone who commented.
On Thu, 27 Jan 2011 00:07:21 +0100, tv.debian@googlemail.com wrote:
>> - First very noob question, I don't want whole disk encryption, just
>> want to encrypt some selected already partitioned partitions. If
>> someone mount those encrypted partitions, will they shows up as empty
>> or, there are some hints that the partitions have been encrypted?
>
> Don't know what you mean exactly by "show up as empty", with ecryptfs
> the mountpoint will indeed be empty unless the crypted directory is
> open. . .
My this question seems to have confused most people. What I wanted to
know is how would the partition appears to normal Joe. Now my
understanding is the following. are they correct?
The encrypted partition will appear as unformatted -- with no files
system on it, if you just simply want to do 'mount /dev/sdx' (just like
how Linux partitions normally appear to Windows). Even if one read its
physical sections, they will appear as "random" numbers. Oh, wait,
cryptsetup, has a pretty standard header, so an expert can at least tell
that the partition is encrypted with cryptsetup, but whether he can
decipher or not is a different story.
Is about correct?
Further, does disk encryption access the partition directly? I mean, does
the 'cryptsetup luksFormat /dev/sdxn' care what type of partition
(ext2/3, fat, etc) /dev/sdxn is?
Now another question, which nobody seems to have noticed/mentioned.
Since CBC encryption is a "recursive algorithm, the encryption of the n-th
block requires the encryption of all preceding blocks, 0 till n-1." [1]
Now, does it mean if my HD has a bad block in the middle, then all the
remaining data will be gone entirely?
1. http://clemens.endorphin.org/LinuxHDEncSettings
Thanks
--
Tong (remove underscore(s) to reply)
http://xpt.sourceforge.net/techdocs/
http://xpt.sourceforge.net/tools/
Reply to: