Saturday, March 16, 2019
linux encryption Essay -- essays research papers
. Contents .I. launching- About II. ENCRYPTING- Containers- Drives- Files APPENDIX . I. INTRO .-= About =-This is a quick rundown on how to encrypt loads, containers, and drives under(a) Linux. The function of loopback encrypted single filesystems and openssl is explainedand examples are assumption. This paper should have you encrypting in no time. The interest commands were done running kernel 2.6.9.. ENCRYPTING .Ill outline how to create encrypted containers and drives using the loopback filesystem halt and file encryption via openssl.-= Containers =-This is essentially creating a filesystem within a file and mounting it as a device. Containers vastly decrease the tedious lying-in of individually encryptingfiles since you simply move your files into the mount point and then unmount and they nicely encrypted.First, you need to create a blank file using the dd command.dd if=/dev/urandom of=crypto.img bs=1M count=50- The first line of reasoning uses the /dev/urandom device t o create the file withrandom data to make it more difficult to distinguish amongst free spaceand encrypted data. The /dev/zero device can be use but is not advised.- The second controversy of=crypto.img defines the name to be given to thefile and this can be changed to suit your preference.- The third parameter bs=1M instructs the dd command to create the file in1MB blocks. I recomm reverse you communicate this value as 1M- The final parameter defines the size of the file in relation to the bs parameter. Since bs=1M and count=50 the file endure for be 50MB hence changingthe count value to 100 would return key a 100MB file and so on. It is worthmentioning that the file can be resized once created this leave beexplained in the appendix.Second, the file must be associated to a loop device and encrypted.losetup -e aes256 /dev/loop0 crypto.img- The parameter -e aes256 at the beginning instructs losetup on whichcipher to use. The cipher type is dependent on what your kernel support s.In this example the AES 256 bit cipher is used but you can use othercipher types such as blowfish interchangeably.- The second parameter /dev/loop0 is the device to which we bind the file too. Binding the file will allow us to format the file with filesystem. - The final pa... ...utputs at password.txt.enc. (This is a alternatively redundant explanationbut oh well)Now to decrypt a file.openssl enc -d -aes-256-cbc -in password.txt.enc -out password.txt- The enc -d -aes-256-cbc sectionalization of the command specifies which cipher to usefor decryption.- The -in password.txt parameter specifies which file to decrypt.- The final parameter instructs openssl to output the decryption into afile. This parameter can omitted and the file will be decrypted tostdout.. APPENDIX .-= Resizing containers =-If you formatted your container with the ext2 filesystem you can resize it with the ext2resize app.First, increase the size of the container. In this example the file acting as the encrypte d container is called crypto.img and its size is incremented by20MB.dd if=/dev/urandom bs=1M count=20 crypto.img- The of= parameter is omitted and instead is used at the end of the command to append 20MB to the crypto.img file.Second, bind the file to a loop device.losetup -e aes256 /dev/loop0 crypto.imgThird, comprehend the ext2 filesystem within the container.ext2resize /dev/loop0That is all thats needed to resize your encrypted container.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.