Jump to content

Truecrypted Linux system


coolfire666
 Share

Recommended Posts

After the section on truecrypt a while back, me and a friend of mine started thinking what else we could do with it.

As should be obvious from the topic title, we've (well, mostly him to be honest) have figured how to entirely encrypt your Linux system.

Some quick questions that might spring to mind:

Q: Isn't that really slow?

A: It's a little slower of course, but hardly noticeable.

Q: How does it boot from an encrypted drive?

A: /var isn't encrypted, that holds all the needed stuff until we can mount the encrypted partition.

Q: So when do we mount the encrypted partition?

A: During boot, I can't say when exactly, because I never paid attention to it :P (I'll add a note when I do)

Q: What about using a hidden volume?

A: In the guide, a hidden volume is used by default

Q: Do I need to be a Linux wizz to make this work?

A: No, all the tricky bits have been scripted, and the guide is into detail.

Q: What Linux distributions has this been tested on?

A: Ubuntu 7. x and Debian 4.

Q: I have another question! Where do I turn?

A: Here there's always loads of people that can help, join the Hak,5 IRC or my irc ddg. us. tddirc. net #hackerthreads (sorry, spam) Both me and foldingstock (the main developer) frequent that channel.

Well, with out further delay (cause there's been quite enough already)

Here's the link to the guide: (I'll copy the whole thing over to the forums if need be. )

http://theowned.org/news.php?item.30.5

Link to comment
Share on other sites

  • 2 weeks later...

For those of you that may have noticed, yes, we changed stuff.

Everything is encrypted, including /var. As a matter of fact, everything is in /var now, and the rest is linked there.

In other news, we're also thinking of ways to do the same gag with a windows machine, so stay tuned for that :)

Regards, Cool Fire

Link to comment
Share on other sites

  • 3 weeks later...

Hey, I'm trying to do this on a PCLinuxOS install, and I've run into a small spot of trouble. I'm at the "update-rc.d" step, and have discovered that I do not have this program, as it is Debian based. So, I cannot to that, but I've been studying what it did. As far as I can tell, it would have added links in the rcS.d folder for the truecrypt.sh script to start, but another problem: PCLinuxOS doesn't have that folder either. So, I'm betting this needs running at the system startup, I'm just not sure where.

If you could help, I need to know where to add the links, and when it should be asking to run truecrypt.sh. If I can find that out, I'll be set.

Thanks in advance if you can help out.

Link to comment
Share on other sites

Well, it's not really the init.d part that is holding me up. I've got the script saved in there just fine, it's the updating the system init file. Since you have it setup on Ubuntu just right, maybe you could tell me, what part of the initial start up of the machine does it ask you for the password? After /proc and others are mounted? Before networking? If I had a clue, I could update the script myself.

Link to comment
Share on other sites

Checking root file system...fsk 1.40-WIP (14-nov-2006)

/dev/hda2: clean, 140780/1221600 files, 883516/2441880 blocks

done.

EXT3 FS on hda2, internal journal

Setting the system clock..

Cleaning up if updown....

Loading kernel modules...loop: loaded (max 8 devices)

done.

Mounting Truecrypt Volumes

Enter password for '/dev/hda3': _

hope this gives you a bit of an indication of where about it's executed.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...