Truecrypted Linux system

[coolfire666]

After the section on truecrypt a while back, me and a friend of mine started thinking what else we could do with it.

As should be obvious from the topic title, we've (well, mostly him to be honest) have figured how to entirely encrypt your Linux system.

Some quick questions that might spring to mind:

Q: Isn't that really slow?

A: It's a little slower of course, but hardly noticeable.

Q: How does it boot from an encrypted drive?

A: /var isn't encrypted, that holds all the needed stuff until we can mount the encrypted partition.

Q: So when do we mount the encrypted partition?

A: During boot, I can't say when exactly, because I never paid attention to it :P (I'll add a note when I do)

Q: What about using a hidden volume?

A: In the guide, a hidden volume is used by default

Q: Do I need to be a Linux wizz to make this work?

A: No, all the tricky bits have been scripted, and the guide is into detail.

Q: What Linux distributions has this been tested on?

A: Ubuntu 7. x and Debian 4.

Q: I have another question! Where do I turn?

A: Here there's always loads of people that can help, join the Hak,5 IRC or my irc ddg. us. tddirc. net #hackerthreads (sorry, spam) Both me and foldingstock (the main developer) frequent that channel.

Well, with out further delay (cause there's been quite enough already)

Here's the link to the guide: (I'll copy the whole thing over to the forums if need be. )

http://theowned.org/news.php?item.30.5

[coolfire666]

For those of you that may have noticed, yes, we changed stuff.

Everything is encrypted, including /var. As a matter of fact, everything is in /var now, and the rest is linked there.

In other news, we're also thinking of ways to do the same gag with a windows machine, so stay tuned for that :)

Regards, Cool Fire

[mleo2003]

Hey, I'm trying to do this on a PCLinuxOS install, and I've run into a small spot of trouble. I'm at the "update-rc.d" step, and have discovered that I do not have this program, as it is Debian based. So, I cannot to that, but I've been studying what it did. As far as I can tell, it would have added links in the rcS.d folder for the truecrypt.sh script to start, but another problem: PCLinuxOS doesn't have that folder either. So, I'm betting this needs running at the system startup, I'm just not sure where.

If you could help, I need to know where to add the links, and when it should be asking to run truecrypt.sh. If I can find that out, I'll be set.

Thanks in advance if you can help out.

[coolfire666]

you could try adding it to /etc/init.d/ manually. Not too sure what kind of trouble you'll run into on that though.

[mleo2003]

Well, it's not really the init.d part that is holding me up. I've got the script saved in there just fine, it's the updating the system init file. Since you have it setup on Ubuntu just right, maybe you could tell me, what part of the initial start up of the machine does it ask you for the password? After /proc and others are mounted? Before networking? If I had a clue, I could update the script myself.

[coolfire666]

It's Debian I've set it up on myself, just for information sake.

And I'm not too sure about exactly when it does it.

Hang on while I boot it and I'll let you know what it does just before it.

[coolfire666]

Checking root file system...fsk 1.40-WIP (14-nov-2006)

/dev/hda2: clean, 140780/1221600 files, 883516/2441880 blocks

done.

EXT3 FS on hda2, internal journal

Setting the system clock..

Cleaning up if updown....

Loading kernel modules...loop: loaded (max 8 devices)

done.

Mounting Truecrypt Volumes

Enter password for '/dev/hda3': _

hope this gives you a bit of an indication of where about it's executed.