Saturday, February 2, 2019
linux encryption Essay -- essays research papers
. Contents .I. INTRO- About      II. ENCRYPTING- Containers- Drives- Files           auxiliary      . I. INTRO .-= About =-This is a quick rundown on how to inscribe rouses, containers, and drives under Linux. The use of laceback encrypted institutionalisesystems and openssl is explainedand examples are given. This paper should have you encrypting in no time. Thefollowing commands were done running marrow 2.6.9.. ENCRYPTING .Ill outline how to seduce encrypted containers and drives victimisation the loopback commitsystem support and file encryption via openssl.-= Containers =-This is essentially creating a filesystem within a file and mounting it as a device. Containers vastly decrease the uninteresting task of individually encryptingfiles since you simply move your files into the mount point and then unmount and they nicely encrypted.First, you need to create a blank file victimisation the d d command.dd if=/dev/urandom of=crypto.img bs=1M count=50- The first line of reasoning uses the /dev/urandom device to create the file withrandom data to make it more difficult to disunite between free spaceand encrypted data. The /dev/zero device endure be used but is not advised.- The scrap parameter of=crypto.img defines the name to be given to thefile and this loafer be changed to suit your preference.- The third parameter bs=1M instructs the dd command to create the file in1MB blocks. I urge you leave this value as 1M- The closing parameter defines the coat of the file in relation to the bs parameter. Since bs=1M and count=50 the file depart be 50MB hence changingthe count value to vitamin C would yield a 100MB file and so on. It is worthmentioning that the file can be resized once created this will beexplained in the appendix.Second, the file mustiness be associated to a loop device and encrypted.losetup -e aes256 /dev/loop0 crypto.img- The parameter -e aes256 at th e number 1 instructs losetup on whichcipher to use. The cipher type is dependent on what your kernel supports.In this example the AES 256 bit cipher is used but you can use othercipher types such as blowfish interchangeably.- The second parameter /dev/loop0 is the device to which we bind the file too. Binding the file will allow us to format the file with filesystem. - The final pa... ...utputs at password.txt.enc. (This is a rather redundant explanationbut oh well)Now to decrypt a file.openssl enc -d -aes-256-cbc -in password.txt.enc -out password.txt- The enc -d -aes-256-cbc part of the command specifies which cipher to usefor decryption.- The -in password.txt parameter specifies which file to decrypt.- The final parameter instructs openssl to output the decryption into afile. This parameter can omitted and the file will be decrypted tostdout.. APPENDIX .-= Resizing containers =-If you formatted your container with the ext2 filesystem you can resize it with the ext2resize app.Fi rst, increase the size of the container. In this example the file acting as the encrypted container is called crypto.img and its size is incremented by20MB.dd if=/dev/urandom bs=1M count=20 >> crypto.img- The of= parameter is omitted and instead >> is used at the end of the command to append 20MB to the crypto.img file.Second, bind the file to a loop device.losetup -e aes256 /dev/loop0 crypto.imgThird, extend the ext2 filesystem within the container.ext2resize /dev/loop0That is all thats needed to resize your encrypted container.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment