I am sorry for such complicated questions from my side at the beginning, but I want
to set up a new system with openSUSE 11.3
The system should be fully encrypted. I want to use the best possible encryption.
1 I am not sure, AES 256 xts-plain is the most secure single algorithm, isn’t it?
2 Is it possible to use a cipher?
3 Which algorithm does the yast-installer use when I encrypt the whole system with a logical volume group?
But I have to say that these routines are a little bit complicated in my eyes.
Isn’t there an easier way to encrypt the whole OS?
I know there is a 64bit live cd available.
4 So the first description (a) is obsolete?
5 How can I set up a (fully encrypted) system without using LVM?
I hope /swap /var and /tmp are the only directories where temporary files are stored that disturb the security (when you only encrypt the home directory).
6 Or are there other directories where temporary Data is stored?
I hope this Post includes all my questions. Maybe there will be some more later…
1. It’s a good one; stronger than you can break in your lifetime.
2. This seems redundant; what do you mean exactly?
3. Not sure. I followed the second link you posted (tinyurl) when I set
mine up; it’s been great since.
4. I think so. The option is there now within the installer, I believe
as of 11.2.
5. I’m not sure; is there a reason you’d want to?
6. There could be other places I suppose, but you’re encrypting
everything except /boot so it shouldn’t really matter since that is
everything in which you could possibly have sensitive data (except for a
Grub password I suppose).
Good luck.
On 08/18/2010 05:36 AM, purple light wrote:
>
> I say hello to the openSUSE community!
>
> I am sorry for such complicated questions from my side at the
> beginning, but I want
> to set up a new system with openSUSE 11.3
>
> The system should be fully encrypted. I want to use the best possible
> encryption.
> 1 I am not sure, AES 256 xts-plain is the most secure single algorithm,
> isn’t it?
>
> 2 Is it possible to use a cipher?
>
> 3 Which algorithm does the yast-installer use when I encrypt the whole
> system with a logical volume group?
>
>
> I have read these two articles:
> a) ‘Encrypted Root File System - openSUSE’
> (http://old-en.opensuse.org/Encrypted_Root_File_System)
> b) ‘openSUSE Lizards » encrypted root file system on LVM’
> (http://tinyurl.com/de4zrv)
>
> But I have to say that these routines are a little bit complicated in
> my eyes.
> Isn’t there an easier way to encrypt the whole OS?
> I know there is a 64bit live cd available.
>
> 4 So the first description (a) is obsolete?
>
> 5 How can I set up a (fully encrypted) system without using LVM?
>
> The hard disk layout should be done in this way:
>
> /boot sda1
> /enhanced partition sda2
> /swap sda5
> /var sda6
> /tmp sda7
> /root sda8
> /home sda9
>
>
> I hope /swap /var and /tmp are the only directories where temporary
> files are stored that disturb the security (when you only encrypt the
> home directory).
>
> 6 Or are there other directories where temporary Data is stored?
>
>
> I hope this Post includes all my questions. Maybe there will be some
> more later…
>
> Again, I am sorry for so many questions!
>
>
1 That doesn’t help me much. Do you know which one is used? AES? Serpent? Blowfish? Twofish? It’s not described in the installer. The mode of operation isn’t described either. Of course I don’t believe that a weak method is used. But the cryptsetup order that is used would be great. This is important for me.
A lot of algos are more or less “good”. But each has its own weakness.
2 When three algos are used in a cascade, isn’t there much more security? I mean, instead of a 256-bit key, an all in all 768-bit key length when three 256-bit algos are used?
4 I didn’t understand your argument. Could you describe it in another way?
5 The problem is I don’t have any experience with LVM. Is really everything in the secured volume group encrypted? Isn’t there a negative side when it is compared with a traditional layout? And when I am using 2 primary partitions, one for boot and one for the enhanced logical partition in an LVM, is there the possibility to install another OS on this disk? Or would it be too complicated to organize MBR and another boot partition for another OS?
/boot >
/enhanced > Two primaries used >two primaries free
6 Mainly I want to know that because I want to have the option to wipe data traces.
Of course this is not essential with an encrypted file system, but the plus on security doesn’t cost much work. I hope you can understand my point of view here.
> 5. I’m not sure; is there a reason you’d want to?
I don’t like nor trust LVM.
I don’t see why we should have an extra layer - except that with non lvm partitions apparently we
have to type the password several times. That should be easy to code around. AFAIK, it’s the only
hurdle.
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” GM (Elessar))
Carlos E. R. wrote:
> On 2010-08-18 17:47, ab@novell.com wrote:
>> 5. I’m not sure; is there a reason you’d want to?
> I don’t like nor trust LVM.
> I don’t see why we should have an extra layer - except that with non lvm partitions apparently we
> have to type the password several times. That should be easy to code around. AFAIK, it’s the only
> hurdle.
But a “normal” installation without LVM isn’t supported by the installer.
1. My box, which came from the tinyurl link you posted, uses AES 256. I
do not have a box setup post-11.2 using the installation options but I’d
guess it will be the same.
2. Your question was “is it possible to use a cipher” which includes AES
by definition. Were you meaning is it possible to use a cipher multiple
times or to use multiple different ciphers? I do not know how you would
do that in implementation though, sure, in theory more may help,
especially if they are different ciphers with different passphrases for
keys. If you are this concerned with your security, though, you probably
shouldn’t be exposing your concern. On the other hand you’re using
TOR for your posts so maybe you need this after all.
4. I may not have understood your question. When you said “the first
option is obsolete” I assumed you meant the first link which you had
marked as ‘a’. It is no longer necessary with the newer versions of OpenSUSE.
5. LVM will be configured for you. Everything in the volume group should
be encrypted because it happens at the group level. In my case, where I
followed link ‘b’ for my initial setup, my entire /dev/sda2 is encrypted
which is the level below the volume group. The end result should be the
same, though, where all sensitive data is kept outside of /boot (except a
hash for a Grub password, if applicable).
6. Yes, if you use the full disk encryption you should be fine. If you
have time to wipe your box before you are about to have somebody steal
your hardware and try to brute-force your encryption feel free to run DBAN
over everything first.
Good luck.
On 08/18/2010 12:42 PM, purple light wrote:
>
> Thanks for your quick response
>
> 1 That doesn’t help me much. Do you know which one is used? AES? Serpent?
> Blowfish? Twofish? It’s not described in the installer. The
> mode of operation isn’t described either. Of course I don’t believe that a
> weak method is used. But the cryptsetup order that is used would be
> great. This is important for me.
> A lot of algos are more or less “good”. But each has its own weakness.
>
> 2 When three algos are used in a cascade, isn’t there much more
> security? I mean, instead of a 256-bit key, an all in all 768-bit key length when
> three 256-bit algos are used?
>
> 4 I didn’t understand your argument. Could you describe it in another
> way?
>
> 5 The problem is I don’t have any experience with LVM. Is really
> everything in the secured volume group encrypted? Isn’t there a negative
> side when it is compared with a traditional layout? And when I am using
> 2 primary partitions, one for boot and one for the enhanced logical
> partition in an LVM, is there the possibility to install another OS
> on this disk? Or would it be too complicated to organize MBR and another
> boot partition for another OS?
>
> /boot >
> /enhanced > Two primaries used >two primaries free
>
> 6 Mainly I want to know that because I want to have the option to wipe data
> traces.
> Of course this is not essential with an encrypted file system, but the
> plus on security doesn’t cost much work. I hope you can understand my
> point of view here.
>
>> But a “normal” installation without LVM isn’t supported by the
>> installer.
On the partition screen the installer asks you for a Partition Scheme or
a LVM scheme.
VampirD
Microsoft Windows is like air conditioning
Stops working when you open a window.
On 2010-08-18 20:42, purple light wrote:
>
> Thanks for your quick response
>
> 1 That doesn’t help me much. Do you know which one is used? AES? Serpent?
> Blowfish? Twofish? It’s not described in the installer. The
> mode of operation isn’t described either. Of course I don’t believe that a
> weak method is used. But the cryptsetup order that is used would be
> great. This is important for me.
> A lot of algos are more or less “good”. But each has its own weakness.
file -s on the device says it:
LUKS encrypted file, ver 1 [aes, cbc-essiv:sha256, sha1] UUID: …
About the command used to create it, see previous posts in these forums, I explained it not a month ago.
> 5 The problem is I don´t have any experience with LVM. Is really
> everything in the secured volume group encrypted?
Yes.
> Isn’t there a negative
> side when it is compared with a traditional layout?
Yes.
> And when I am using
> 2 primary partitions, one for boot and one for the enhanced logical
> partition in an LVM, is there the possibility to install another OS
> on this disk?
Yes and no.
If it is another linux, yes - if it can understand it. If it is not (linux), it must go outside the
LVM, obviously.
> Or would it be too complicated to organize MBR and another
> boot partition for another OS?
Depends on you >:-)
> 6 Mainly I want to know that because I want to have the option to wipe data
> traces.
> Of course this is not essential with an encrypted file system, but the
> plus on security doesn’t cost much work. I hope you can understand my
> point of view here.
I don’t understand the question.
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” GM (Elessar))
> 2. Your question was “is it possible to use a cipher” which includes AES
> by definition. Were you meaning is it possible to use a cipher multiple
> times or to use multiple different ciphers? I do not know how you would
> do that in implementation though, sure, in theory more may help,
> especially if they are different ciphers with different passphrases for
> keys. If you are this concerned with your security, though, you probably
> shouldn’t be exposing your concern. On the other hand you’re using
> TOR for your posts so maybe you need this after all.
I think about something like that: AES-serpent-twofish
> 4. I may not have understood your question. When you said “the first
> option is obsolete” I assumed you meant the first link which you had
> marked as ‘a’. It is no longer necessary with the newer versions of OpenSUSE.
Yes I meant that. But what option is now the best?
VampirD wrote:
> On the partition screen the installer asks you for a Partition Scheme or
> a LVM scheme.
Yes it asks. But when you want to use an encrypted system the only mode that can be used is LVM. When you want to use the normal, traditional setup only /home can be encrypted.
Carlos E. R. wrote:
> file -s on the device says it:
> LUKS encrypted file, ver 1 [aes, cbc-essiv:sha256, sha1] UUID: …
But this block mode isn’t secure.
What about this one:
cryptsetup -c aes-xts-plain -s 512 luksFormat /dev/sdXy
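
Added example (not from any poster in this thread): a Python parser for the LUKS version 1 header fields that `file -s` printed above, so the cipher, mode and key size chosen by an installer or by a `cryptsetup luksFormat` command can be checked after the fact. The two sample headers are constructed in memory with placeholder digest, salt and UUID values, and `parse_luks1_header` and `build_sample_header` are names chosen for this example.

```python
import struct

# LUKS1 on-disk header, big-endian: magic, version, cipher name, cipher mode,
# hash spec, payload offset, key bytes, MK digest, MK salt, MK iterations, UUID.
LUKS1_HEADER = struct.Struct(">6sH32s32s32sII20s32sI40s")
LUKS_MAGIC = b"LUKS\xba\xbe"


def _text(raw):
    """Decode a NUL-padded ASCII header field."""
    return raw.split(b"\x00", 1)[0].decode("ascii")


def parse_luks1_header(blob):
    """Return the cipher settings stored in the first 208 bytes of a LUKS1 volume."""
    if len(blob) < LUKS1_HEADER.size:
        raise ValueError("need at least %d bytes" % LUKS1_HEADER.size)
    (magic, version, cipher, mode, hash_spec, _payload, key_bytes,
     _digest, _salt, _iters, uuid) = LUKS1_HEADER.unpack_from(blob)
    if magic != LUKS_MAGIC or version != 1:
        raise ValueError("not a LUKS version 1 header")
    key_bits = key_bytes * 8
    # XTS splits the volume key into a data key and a tweak key, so
    # "-s 512" with aes-xts-plain means AES-256, not a 512-bit cipher.
    cipher_bits = key_bits // 2 if mode.startswith(b"xts") else key_bits
    return {
        "cipher": _text(cipher), "mode": _text(mode), "hash": _text(hash_spec),
        "volume_key_bits": key_bits, "cipher_key_bits": cipher_bits,
        "uuid": _text(uuid),
    }


def build_sample_header(cipher, mode, hash_spec, key_bytes):
    """Constructed sample header: zeroed digest and salt, placeholder UUID."""
    return LUKS1_HEADER.pack(LUKS_MAGIC, 1, cipher, mode, hash_spec, 4096,
                             key_bytes, bytes(20), bytes(32), 1000,
                             b"00000000-0000-0000-0000-000000000000")


if __name__ == "__main__":
    samples = [
        build_sample_header(b"aes", b"cbc-essiv:sha256", b"sha1", 32),
        build_sample_header(b"aes", b"xts-plain", b"sha1", 64),
    ]
    for blob in samples:
        info = parse_luks1_header(blob)
        print("{cipher}-{mode} hash={hash}: volume key {volume_key_bits} bits, "
              "cipher key {cipher_key_bits} bits".format(**info))
```

On a real system the input would be the first 208 bytes read from the encrypted partition, which needs root; `cryptsetup luksDump` reports the same fields.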