howto:cryptdisk [some howtos]

Debian Sarge

Vorweg: wurde mit einer Debian Sarge 3.1-Stable getestet:

18:09:49 debianmike ~ [root]uname -a
Linux debianmike 2.6.8-3-686 #1 Sat Jul 15 10:32:25 UTC 2006 i686 GNU/Linux

Pakete nachinstallieren

mit apt-get install cryptsetup nachinstallieren.

Ausgabe von dpkg:

ii cryptsetup 20050111-3 configures encrypted block devices

Festplatte partitionieren:

mit fdisk wurde hdg folgendermaßen partitioniert:

Disk /dev/hdg: 300.0 GB, 300090728448 bytes
255 heads, 63 sectors/track, 36483 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System
/dev/hdg1 1 12159 97667136 83 Linux
/dev/hdg2 12160 14592 19543072+ 83 Linux
/dev/hdg3 14593 14836 1959930 82 Linux swap / Solaris
/dev/hdg4 14837 36483 173879527+ 83 Linux

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

Syncing disks.

Partitionen überschreiben:

dies dauert je nach CPU sehr lange

23:01:16 debianmike ~ [root]dd if=/dev/urandom of=/dev/hdg2
dd: writing to `/dev/hdg2': No space left on device
39086146+0 records in
39086145+0 records out
20012106240 bytes transferred in 40435.409450 seconds (494915 bytes/sec)

23:01:51 debianmike ~ [root]dd if=/dev/urandom of=/dev/hdg3
23:02:22 debianmike ~ [root]dd if=/dev/urandom of=/dev/hdg1
23:02:48 debianmike ~ [root]dd if=/dev/urandom of=/dev/hdg4

Partition verschlüsseln

18:01:26 debianmike ~ [root]cryptsetup -y create myLTSPtv /dev/hdg2

mit dmsetup prüfen:

18:01:26 debianmike ~ [root]dmsetup ls
home (254, 0)
myLTSPtv (254, 1)

zu /etc/crypttab hinzufügen:

18:03:22 debianmike ~ [root]cat /etc/crypttab
# <target device> <source device> <key file> <options>

#var /dev/hda2
#MyMusic /dev/hdg4
swap /dev/hdg3
myLTSPtv /dev/hdg2
home /dev/hde1
#backup /dev/hdg1

Filesystem erstellen

18:03:25 debianmike ~ [root]mkfs.ext3 /dev/mapper/myLTSPtv
mke2fs 1.38-WIP (09-May-2005)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
2443200 inodes, 4885768 blocks
244288 blocks (5.00%) reserved for the super user
First data block=0
150 block groups
32768 blocks per group, 32768 fragments per group
16288 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000

Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 38 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.

abschließend

in /etc/fstab eintragen:

/dev/mapper/myLTSPtv /opt/myLTSPtv ext3 defaults 0 1

nun sollte ein Mountvorgang durchgeführt werden können:

18:09:40 debianmike ~ [root]mount -a
18:09:47 debianmike ~ [root]mount
/dev/mapper/myLTSPtv on /opt/myLTSPtv type ext3 (rw)