On Thu, 27 Jan 2011 15:25:40 + (UTC)
T o n g wrote:
> On Thu, 27 Jan 2011 09:02:52 -0500, Celejar wrote:
>
> >> Further, does disk encryption access the partition directly? I mean,
> >> does the 'cryptsetup luksFormat /dev/sdxn' care what type of partition
> >> (ext2/3, fat, etc) /dev/sdxn i
On Thu, 27 Jan 2011 16:40:39 +0100, Erwan David wrote:
> CBC would be a very bad idea for random access and modification.
I thought so.
Thanks for the confirmation.
--
Tong (remove underscore(s) to reply)
http://xpt.sourceforge.net/techdocs/
http://xpt.sourceforge.net/tools/
--
To UNSU
On Thu, Jan 27, 2011 at 03:06:39PM CET, Eduardo M KALINOWSKI
said:
> On Qui, 27 Jan 2011, Celejar wrote:
> >>Now another question, which nobody seems to have noticed/mentioned.
> >>
> >>Since CBC encryption is a "recursive algorithm, the encryption of the n-th
> >>block requires the encryption of
On Thu, 27 Jan 2011 12:06:39 -0200
Eduardo M KALINOWSKI wrote:
> On Qui, 27 Jan 2011, Celejar wrote:
> >> Now another question, which nobody seems to have noticed/mentioned.
> >>
> >> Since CBC encryption is a "recursive algorithm, the encryption of the n-th
> >> block requires the encryption of
On Qui, 27 Jan 2011, Celejar wrote:
Now another question, which nobody seems to have noticed/mentioned.
Since CBC encryption is a "recursive algorithm, the encryption of the n-th
block requires the encryption of all preceding blocks, 0 till n-1." [1]
Now, does it mean if my HD has a bad block in
On Thu, 27 Jan 2011 05:25:20 + (UTC)
T o n g wrote:
> Thanks everyone who commented.
>
> On Thu, 27 Jan 2011 00:07:21 +0100, tv.deb...@googlemail.com wrote:
>
> >> - First very noob question, I don't want whole disk encryption, just
> >> want to encrypt some selected already partitioned pa
Sjoerd Hardeman:
> Celejar schreef:
>>
>> Oh, basically the Evil Maid attack. Fair enough. But then you have to
>> make sure the attacker can't flash the BIOS ...
>>
> Bother to explain how it works? If you have an encrypted partition,
> no adapted kernel will ever be able to access it.
Of cour
On Thu, 27 Jan 2011 11:03:58 +0100
Sjoerd Hardeman wrote:
> Celejar schreef:
> > On Wed, 26 Jan 2011 23:24:07 +0100
> > Jochen Schulz wrote:
> >
> >> Celejar:
> >>> Brad Alexander wrote:
> >>>
> Linux admins used LUKS, and as a further step, I put /boot (the only
> partition that can
On Qua, 26 Jan 2011, Brad Alexander wrote:
Because if your laptop gets stolen, the odds are that they will not
get the USB drive. Thus, it is another layer of security. Plus, if
they have /boot, they will be prompted for the passphrase, which means
they can brute force it.
Only if the user is u
Celejar schreef:
On Wed, 26 Jan 2011 23:24:07 +0100
Jochen Schulz wrote:
Celejar:
Brad Alexander wrote:
Linux admins used LUKS, and as a further step, I put /boot (the only
partition that cannot be encrypted) on a USB stick, so that if anyone
got the laptop, they had no access to the data.
Celejar:
> Jochen Schulz wrote:
>> Celejar:
>>>
>>> Why does putting /boot on a USB stick gain you anything?
>>
>> Because an unencrypted /boot may be altered by an attacker without you
>> noticing it. Theoretically, the kernel may be replaced by another one
>> that reports your passphrase to t
>On the 26/01/2011 06:36, T o n g wrote:
> Hi,
>
> I'm thinking to do the disk partition encryptions now. However
>
> "Hard drive encryption sounds like an intimating concept, mostly because
> it is. The thought of taking your precious files, then using a
> mathematical formula to convert them
On Wed, 26 Jan 2011 23:24:07 +0100
Jochen Schulz wrote:
> Celejar:
> > Brad Alexander wrote:
> >
> >> Linux admins used LUKS, and as a further step, I put /boot (the only
> >> partition that cannot be encrypted) on a USB stick, so that if anyone
> >> got the laptop, they had no access to the da
Celejar:
> Brad Alexander wrote:
>
>> Linux admins used LUKS, and as a further step, I put /boot (the only
>> partition that cannot be encrypted) on a USB stick, so that if anyone
>> got the laptop, they had no access to the data.
>
> Why does putting /boot on a USB stick gain you anything?
Bec
On Wed, 26 Jan 2011 16:21:41 -0500
Brad Alexander wrote:
> Because if your laptop gets stolen, the odds are that they will not
> get the USB drive. Thus, it is another layer of security. Plus, if
> they have /boot, they will be prompted for the passphrase, which means
> they can brute force it. I
Because if your laptop gets stolen, the odds are that they will not
get the USB drive. Thus, it is another layer of security. Plus, if
they have /boot, they will be prompted for the passphrase, which means
they can brute force it. If /boot is missing, then all they get is a
grub message saying "Gru
[Please don't cc me on replies.]
On Wed, 26 Jan 2011 15:48:15 -0500
Brad Alexander wrote:
...
> Linux admins used LUKS, and as a further step, I put /boot (the only
> partition that cannot be encrypted) on a USB stick, so that if anyone
> got the laptop, they had no access to the data.
Why doe
On Wed, Jan 26, 2011 at 9:29 AM, Celejar wrote:
> A partition cannot be mounted; filesystems can. If the partition is
> encrypted, no filesystem will be visible. If you mean to ask whether
> someone analyzing the disk will be able to detect an encrypted
> datastore, in general the answer is pro
On Wed, 26 Jan 2011 14:13:09 -0600
green wrote:
> Hopefully your questions have been answered. I used cryptsetup and LUKS for
> 2
> partitions. I have never had exactly 0 problems with it. LUKS support for
> multiple passwords has been helpful.
I've had several problems:
http://bugs.debia
Hopefully your questions have been answered. I used cryptsetup and LUKS for 2
partitions. I have never had exactly 0 problems with it. LUKS support for
multiple passwords has been helpful.
Now I don't remember that you actually requested a HOWTO, but here it is
anyway.
It is easy, just:
1.
On Wed, 26 Jan 2011 10:26:16 +0100
Sjoerd Hardeman wrote:
...
> No, luks and dm-crypt are linux only
There's purportedly Windows support for LUKS / dm-crypt volumes with
FreeOTFE:
http://en.wikipedia.org/wiki/FreeOTFE
Celejar
--
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggr
On Wed, 26 Jan 2011 05:36:22 + (UTC)
T o n g wrote:
...
> 2. http://www.tldp.org/HOWTO/html_single/Disk-Encryption-HOWTO/
> also, Linux Encryption HOWTO
> http://encryptionhowto.sourceforge.net/Encryption-HOWTO.html
> v0.2.2, 04 October 2000
>
> Here are my questions,
>
> - First very noo
T o n g schreef:
Hi,
I'm thinking to do the disk partition encryptions now. However
"Hard drive encryption sounds like an intimating concept, mostly because
it is. The thought of taking your precious files, then using a
mathematical formula to convert them into random noise before scattering
23 matches
Mail list logo
