Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: What good is crypt?

  1. #1
    Join Date
    Aug 2008
    Location
    Texas, US
    Posts
    227

    Default What good is crypt?

    I had /tmp and /var/tmp encrypted by the system for security purposes. Due to a file corruption problem not related to those directories, I booted with the OpenSuSE 12.1 KDE live CD. While I was letting fsck clean up my mess, I opened Dolphin and just for the heck of it, clicked on /tmp. I was able to see everything without being prompted for a passcode. The same was true for /var/tmp.
    When I had Yast Partitioner encrypt the directories, I created tmp.crypt and var-temp.crypt in the root directory and used them to set up the encryption. I had Yast create loop files for each directory set at 500MB each. The setup went without error and I was always prompted for the passcodes during boot to unlock the directories for mounting.
    My question is, did I do something incorrectly when I encrypted the directories, or is it possible to bypass the encryption by simply mounting the partition from a different OS as root?

  2. #2
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,367
    Blog Entries
    3

    Default Re: What good is crypt?

    It isn't clear from your post, whether you were looking at "/tmp" from the live KDE system, or "/tmp" from your installed system, which would have to have been mounted somewhere else.

    Even if you were looking at "/tmp" from the installed system, it isn't clear whether you were looking at files on the original system, before mounting the encrypted container.

    I don't think it is possible to mount the encrypted container without giving the pass phrase.

    Maybe recheck what you did. While looking at the "/tmp" (or "/var/tmp"), open a terminal window and use "df" to see what is mounted where. That will give you a better idea what you are looking at.

    And check the file dates in the "/tmp" and "/var/tmp" you are seeing. If those are from around the date that you setup the encryption (or earlier), then you are probably looking at the base directory that is hidden when the encrypted container is mounted.
    openSUSE Leap 15.1; KDE Plasma 5;

  3. #3
    Join Date
    Aug 2008
    Location
    Texas, US
    Posts
    227

    Default Re: What good is crypt?

    I was looking at the installed filesystem, not the running system from the CD. I mounted the hard drive. The file dates were newer than when the encryption was done. I would think that the original /tmp and /var/tmp would have been written over with encrypted information. Perhaps I made a mistake when I set it up. I'll try to do it again, but delete the original files after it is set up. I agree that I should not be able to view them once the encryption is done. I have been pondering re-installing OpenSuSE 12.1 with the entire OS encrypted. Does anyone have any positive or negative thoughts on that?

  4. #4
    Join Date
    Jun 2008
    Location
    Earth - Denmark
    Posts
    10,730

    Default Re: What good is crypt?

    On 02/09/2012 08:16 PM, purevw wrote:
    > Does anyone
    > have any positive or negative thoughts on that?


    it is pretty easy to pop open dolphin (or whatever) and accidentally
    look at /var/tmp in RAM, rather than /mnt/var/tmp or /media/var/tmp or
    /opt/var/tmp *or* wherever you mounted the hard drive..

    when you get it running again, have another look...i guess you will find
    it impossible to read the encrypted drive...*or* as you say, maybe you
    didn't actually encrypt it..

    --
    DD http://tinyurl.com/DD-Caveat
    Read what Distro Watch writes: http://tinyurl.com/SUSEonDW

  5. #5
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,367
    Blog Entries
    3

    Default Re: What good is crypt?

    Quote Originally Posted by purevw View Post
    I have been pondering re-installing OpenSuSE 12.1 with the entire OS encrypted. Does anyone have any positive or negative thoughts on that?
    That's about what I am doing. Everything except "/boot" is encrypted. I did this by installing as an encrypted LVM. It is working very well.
    openSUSE Leap 15.1; KDE Plasma 5;

  6. #6

    Default Re: What good is crypt?

    Quote Originally Posted by purevw View Post
    I have been pondering re-installing OpenSuSE 12.1 with the entire OS encrypted. Does anyone have any positive or negative thoughts on that?
    I am running an encrypted (minus /boot) LVM install as performed by the installer and it's working beautifully. It's likely possible to also set up the same without re-installing but it may involve a considerable amount of work. Anyway I'm quite glad that I went ahead with the encrypted LVM setup. I'm in the process of studying the documentation to have a thorough understanding of it as well as to know what exactly I need to do in the event of certain failures and I highly recommend doing this if you do decide to go this route.

  7. #7
    Join Date
    Aug 2008
    Location
    Texas, US
    Posts
    227

    Default Re: What good is crypt?

    I didn't realize a person could look at RAM through a file manager. Guess that's why I'm still a student penguin. Just to be clear, I mounted the entire root partition of my installed system (/dev/sdc2). So what I was looking at was /tmp and /var/tmp in the root file system. The problem that originally caused me to use the live CD as a rescue disk was fixed before I looked around the root file system. As I had been using the computer, I was always prompted for the pass code to mount the encrypted directories. Anyway, I removed the loop files and decrypted all for now.

  8. #8
    Join Date
    Aug 2008
    Location
    Texas, US
    Posts
    227

    Default Re: What good is crypt?

    I would most likely choose to encrypt the entire install without the use of LVM. I have zero experience and knowledge concerning virtual machines. If I do decide to encrypt all, I assume the best way without LVM would be to simply create a separate partition for boot. Anyone please correct me if that is incorrect. My /home is on a separate partition already and I have not used a /swap partition for a very long time as I have 12GB of physical RAM.

    Also, is it correct that Crypt uses only AES encryption? I set up cascading encryption on my Windows partitions with very good luck. decrypting seems fairly CPU intensive, but it has never really caused any problems. I use True Crypt under Wine to mount the Windows partitions under Linux.

    One important question I would have is: how large should the boot partition be, providing plenty of padding for any larger future kernels? My current /boot shows to be 29MB in size.

  9. #9
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: What good is crypt?

    On 2012-02-10 13:16, purevw wrote:
    >
    > I didn't realize a person could look at RAM through a file manager.


    There are some directories stored in ram, not disk.
    And, if you point at certain files in /proc, you can certainly look at memory.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

  10. #10
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: What good is crypt?

    On 2012-02-10 13:26, purevw wrote:
    >
    > I would most likely choose to encrypt the entire install without the use
    > of LVM. I have zero experience and knowledge concerning virtual
    > machines. If I do decide to encrypt all, I assume the best way without
    > LVM would be to simply create a separate partition for boot. Anyone
    > please correct me if that is incorrect. My /home is on a separate
    > partition already


    There is another manual procedure which I can't describe with separate
    passwords. When this question was asked previously I posted links to people
    that did it, so they must be in the archive.

    View this thread: http://forums.opensuse.org/showthread.php?t=456418
    View this thread: http://forums.opensuse.org/showthread.php?t=466353

    > Also, is it correct that Crypt uses only AES encryption?


    No, that's what yast uses. If you do it manually you can use whatever you like.

    > One important question I would have is: how large should the boot
    > partition be, providing plenty of padding for any larger future kernels?


    Between quarter and half gigabyte. Ext2, not ext4.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.4 x86_64 "Celadon" at Telcontar)

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •