Jump to content


Photo
- - - - -

Int0x80 Ep 1102 Segment


  • Please log in to reply
23 replies to this topic

#21 Valsacar

Valsacar

    Hak5 Fan +

  • Active Members
  • PipPipPip
  • 48 posts

Posted 25 March 2012 - 06:53 PM

I have 2 questions on the segment

a) how do I set up the swap file?

B) can I make a copy of the boot USB disc to another USB disc using say dd?


a) make a blank file of the right size
dd if=/dev/zero bs=1024 count=4094304 of=/swapfile
That should make you a blank file of about 4GB, bs*count=endsize (I did the math in my head, might be off)
mkswap /swapfile
That tells the system it's a swapfile
swapon /swapfile
That says to start using it
edit /etc/fstab to add: /swapfile swap swap defaults 0 0
That just mounts it as swap when you reboot.
You probably also want to make it read/write by root only, instead of whatever your defaults are.

B) Yes, a straight dd should work fine... just don't mix them up like I did when doing an update. I also put a copy of the original key on my HD (inside the encrypted part) in case I forget to check after an update, some updates can edit /boot which might change the bits on the usb drive (and therefore wipe out the key). So anytime I do an update I check to see if the key has changed, if it did I update the key before doing a backup of the usb drive.

#22 int0x80

int0x80

    Hak5 Zombie

  • Active Members
  • PipPipPipPipPip
  • 158 posts
  • Gender:Male
  • Interests:Internet

Posted 26 March 2012 - 07:04 AM

+1 on the dd, just make sure the target drive is at least the same size as the source drive.
6a 25 58 6a ff 5b 6a 09 59 cd 80

http://dualcoremusic.com

#23 bvx

bvx

    Newbie

  • Active Members
  • 5 posts

Posted 26 March 2012 - 09:23 AM

Ok, I managed to add cryptsetup to the installed system (Ubuntu in my case) and it is now possible to create the key on boot to unlock the target partition. I also had to copy the resolv.conf from the live to the installed environment for my internet (and apt-get/update/...) to work.

Only thing left is to automate the unlocking process on boot. I added a keyscript option to the crypttab file:
haktop	/dev/disk/by-uuid/UUID	none	luks,keyscript=/some-location-on-initramfs/keyscript.sh
But how do I add the keyscript file to the initramfs image?

#24 Valsacar

Valsacar

    Hak5 Fan +

  • Active Members
  • PipPipPip
  • 48 posts

Posted 28 March 2012 - 09:09 PM

Automating it defeats the purpose of doing it this way. If you want it automated, just use a normal key file with an ascii key instead of this method.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users