Results 1 to 5 of 5

Thread: Mount encrypted partition with bash script?

  1. #1
    Join Date
    Oct 2008
    Location
    Sunny Arizona
    Posts
    251

    Default Mount encrypted partition with bash script?

    I currently have a simple bash script set up via cron to backup my data (rsync) to an internal hard drive at regular intervals. I leave this "backup" hard drive unmounted, and it is mounted and unmounted as needed with the bash script.

    If I were to encrypt this "backup" drive (via Luks, or some other means), is there a way to get my backup script to work without me having to be there to enter a password?

  2. #2
    Join Date
    Jun 2008
    Location
    Norwich, UK
    Posts
    215

    Default Re: Mount encrypted partition with bash script?

    queequeg wrote:

    >
    > I currently have a simple bash script set up via cron to backup my data
    > (rsync) to an internal hard drive at regular intervals. I leave this
    > "backup" hard drive unmounted, and it is mounted and unmounted as needed
    > with the bash script.
    >
    > If I were to encrypt this "backup" drive (via Luks, or some other
    > means), is there a way to get my backup script to work without me having
    > to be there to enter a password?
    >
    >


    Sounds like a job for expect. Have a look around on the web for tutorials.

    Note that does mean that your password will be in the bash script, thereby
    making your security fairly pointless :-(

    --
    Alan

  3. #3

    Default Re: Mount encrypted partition with bash script?

    Quote Originally Posted by queequeg View Post
    If I were to encrypt this "backup" drive (via Luks, or some other means), is there a way to get my backup script to work without me having to be there to enter a password?
    Use Keyfiles instead of passwords (or better, use a very strong passphrase as fallback and a keyfile for "auto-backup").

    Quote Originally Posted by fudokai
    Note that does mean that your password will be in the bash script, thereby
    making your security fairly pointless :-(
    Important point, however, encryption does not protect you at all if the system is running, so if

    a) the running system is not encrypted (and only the backup is), the whole things does not make much sense anyway ($BADGUY will most probably steal the external disk AND the machine)

    b) the running system is encrypted, storing the keyfile ONLY on the (encrypted) running system (and maybe keeping a copy of it on another, external medium, which of course also has to be encrypted!) will protect the backup and the running system against offline attacks.

  4. #4
    Join Date
    Oct 2008
    Location
    Sunny Arizona
    Posts
    251

    Default Re: Mount encrypted partition with bash script?

    Quote Originally Posted by Akoellh View Post
    Use Keyfiles instead of passwords (or better, use a very strong passphrase as fallback and a keyfile for "auto-backup").



    Important point, however, encryption does not protect you at all if the system is running, so if

    a) the running system is not encrypted (and only the backup is), the whole things does not make much sense anyway ($BADGUY will most probably steal the external disk AND the machine)

    b) the running system is encrypted, storing the keyfile ONLY on the (encrypted) running system (and maybe keeping a copy of it on another, external medium, which of course also has to be encrypted!) will protect the backup and the running system against offline attacks.
    This sounds good. My intent is to encrypt all my data drives (per your (a) above), I just couldn't figure out how to get my backup encrypted as well without losing my timely backups. Thanks for the help, I'll research using keyfiles.

  5. #5
    Join Date
    Oct 2008
    Location
    Sunny Arizona
    Posts
    251

    Default Re: Mount encrypted partition with bash script?

    I've looked into this, and can't seem to get a keyfile to work. I've started a new thread here.

    Thanks again.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •