Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: How to encrypt your HDD (Debian/Ubuntu)

  1. #1
    phauk's Avatar Poster
    Join Date
    Dec 2009
    Location
    scotland.
    Posts
    113
    Hey FST.

    For this tutorial I used a VMware of Debian Lenny with 15GB of free space on /home. This is how to encrypt the hard disk and build two shell scripts to either mount or unmount the device. This also works for your computer at home and can be usefull there aswell Lets begin by allocating space for your encryption. For that we have to download some applications (dependencies). First we change to the /home directory because this is where we want to save the container volume. We are using the dd command to allocate 15 GB ( 15*1024*1024 = 15.727.640 ). You can see the progress by opening an 2nd shell and typing "df -h"

    cd /home
    apt-get install cryptsetup dmsetup hashalot
    dd if=/dev/zero of=volume bs=1k count=15728640

    Once all the space is allocated you can start writing the 2 shellscripts to mount and unmount the volume i will call them "mountvolume" and "killvolume" We will use the editor nano to write the shellscripts. Once your done writing the script use str+x to close ( and save ) it.
    # nano /usr/bin/mountvolume
    #########################################################################
    #!/bin/bash
    losetup /dev/loop0 /home/volume
    sleep 1
    cryptsetup luksOpen /dev/loop0 volume
    sleep 1
    mount -t ext2 /dev/mapper/volume /glftpd/site
    #########################################################################
    Now we have to write the unmount script called killvolume
    # nano /usr/bin/mountvolume
    #########################################################################
    #!/bin/bash
    umount /dev/mapper/volume
    cryptsetup luksClose volume
    losetup -d /dev/loop0
    #########################################################################
    Now we have both scripts we need to set the proper chmod for them so it can be executed. We do that by typing

    chmod +x /usr/bin/unmountvolume
    chmod +x /usr/bin/mountvolume
    Now the scripts are all set and executable. Next we use losetup to create a loopback device Then we use modprobe to load the needed Modules. And finish it by encrypting the container using cryptsetup

    losetup /dev/loop0 /home/volume
    modprobe cryptoloop
    modprobe dm_crypt
    cryptsetup -c aes-cbc-essiv:sha256 -y luksFormat /dev/loop0
    cryptsetup will ask you for a password rather think of some long password or simply create on using the following command ( but do not forget to delete it from the server later ... )

    head /dev/urandom | md5sum | awk '{print $1}' > /home/password.txt
    We are almost done all that is left is that we need to open the container and create a filesystem on it I will be using ext2

    cryptsetup luksOpen /dev/loop0 volume
    mkfs.ext2 /dev/mapper/volume
    mount -t ext2
    Now you can encrypt those naughty files

    Enjoy!

  2. Guides and Tutorials   -   #2
    Cabalo's Avatar FileSharingTalker BT Rep: +24BT Rep +24BT Rep +24BT Rep +24BT Rep +24
    Join Date
    Mar 2007
    Location
    European Union
    Age
    47
    Posts
    11,849
    Great stuff. I was looking for something like that, to run on my karmic koala.

  3. Guides and Tutorials   -   #3
    DISABLED PRIVS BT Rep: +2
    Join Date
    Jun 2008
    Location
    Oh, C'mon
    Posts
    90
    Thanks alot for this phauk. Really helpful

  4. Guides and Tutorials   -   #4
    phauk's Avatar Poster
    Join Date
    Dec 2009
    Location
    scotland.
    Posts
    113
    Good, glad to hear it

  5. Guides and Tutorials   -   #5
    This is Really Helpful

  6. Guides and Tutorials   -   #6
    darkstate01's Avatar Poster
    Join Date
    Oct 2007
    Location
    manc
    Posts
    438
    Truecrypt would be an easier option i would have thought, It has a GUI where you can mount and dismount folders, you can even encrypt an in place operating system on the fly while you are playing games surfing the net etc
    But hey if you like the scripting route you can even build a script to suit your situation, Just thought I would share another option to you guys/gals.
    PAIN is just WEAKNESS leaving the body

  7. Guides and Tutorials   -   #7
    Expeto's Avatar current user title
    Join Date
    Apr 2010
    Posts
    472
    nice guide,
    of course as a fedora user, all I need to do encrypt my HDD is check "encrypt the disk" and enter a pass, at the install

  8. Guides and Tutorials   -   #8
    phauk's Avatar Poster
    Join Date
    Dec 2009
    Location
    scotland.
    Posts
    113
    Quote Originally Posted by Expeto View Post
    nice guide,
    of course as a fedora user, all I need to do encrypt my HDD is check "encrypt the disk" and enter a pass, at the install
    heh, that's true - but thats with a gui, I was focusing on doing it raw

    I can make a guide for Fedora if you like with screenshots?

  9. Guides and Tutorials   -   #9
    Poster
    Join Date
    Jan 2015
    Location
    Delhi
    Posts
    36
    Nice information which I had been looking for a long time. Thanks for sharing such a wonderful information with us.
    Keep it up

  10. Guides and Tutorials   -   #10
    I usually use LUKS encryption and dm-crypt. I use it to encrypt flash drives and wear it sefely.

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •