Thread replies: 33
Thread images: 2
Thread images: 2
Anonymous
Linux full-volume encryption 2016-12-04 09:50:31 Post No. 57840635
[Report] Image search: [Google]
Linux full-volume encryption 2016-12-04 09:50:31 Post No. 57840635
[Report] Image search: [Google]
File: gparted-main-window.png (45KB, 777x524px) Image search:
[Google]
45KB, 777x524px
Is there a sane way to do full-volume encryption under Linux? dmcrypt is entirely command-line driven, and one would practically have to attend a seminar to know how to how to configure this shit.
No version of GParted that I know of can manage this, or even read / manipulate encrypted partitions.
>>
Veracrypt
>>
>>57840635
If you're only using a single drive, most GUI installers handle it.
What i can't find how the fuck to do is encrypting a full setup consisting of two or more drives without wasting my life in google and the terminal, even on Windows is like 3 or 4 clicks to do that shit.
>>
>>57840682
>If you're only using a single drive, most GUI installers handle it.
I don't generally use distros that have GUI installers, and those that do don't support encryption. I'm guessing that's more likely to be the case with Ubuntu, which I have no interest in using for any reason.
>>57840643
It doesn't support full-volume encryption under GNU/Linux, and I wouldn't trust an unauthorized fork of TrueCrypt anyway.
>>
you best attend that seminar OP
>>
>>57840635
>Is there a sane way to do full-volume encryption under Linux?
Yes.
>dmcrypt is entirely command-line driven, and one would practically have to attend a seminar to know how to how to configure this shit.
It's ridiculously easy. Just follow some tutorial.
All installers I can think of support full disk encryption, even the text ones.
Btw, you shouldn't trust encryption if you don't understand it.
Also: https://mhogomchungu.github.io/zuluCrypt/
>>
>>57840635
What memeOS do you use?
>>
>>57840772
>spending hours in command line space juggling verbose operations
>"ridiculously easy"
Okay.
>you shouldn't trust encryption if you don't understand it
I know what encryption is, Anon. Having perfect recall of a very specific series of command line functions for applying said encryption is another matter entirely.
>>
>>57840928
I'm not joking. It's far from hard.
>Fill disk with random data
>cryptsetup luksFormat /path/to/device
>cryptsetup luksOpen /path/to/device volume_name
>mkfs.ext4 /dev/mapping/volume_name
>mount /dev/mapping/volume_name /mount/directory
>>
>>57840928
Also, is not knowing what encryption is, is knowing the algorithm and having a general idea of how it's implemented.
>>
>>57840635
Well in gnome disk manager when you pick a file system type you pick ext4+Luks. It's that easy, on fedora at least.
>>
>>57841093
>>57840928
btw: don't forget to close the device after using it
cryptsetup luksClose/path/to/device
>>
>>57840928
>spending hours in command line space juggling verbose operations
Does your shitOS not have any kind of scripting functionality or are you just retarded?
>>
>>57840635
Install Solus. Seriously, it's file system has military grade encryption by default, with no cpu overhead and no need for password.
Actually, the CIA and NSA are using solus on their servers.
>>
>>57841360
This guy is right. You should try solus, it's the best OS.
>>
>>57840682
>What i can't find how the fuck to do is encrypting a full setup consisting of two or more drives without wasting my life in google and the terminal, even on Windows is like 3 or 4 clicks to do that shit.
Thought i was the only one, still unable to find a distro that lets you do that easily.
>>
>>57841486
Where exactly did you get stuck?
>>
>>57841360
>>57841416
Except the package manager has no useful software.
>and no need for password.
Oh, you are trolling him... Here is a (you)
>>
>>57841535
None of the usual GUI installers have options to do that, only a box that says "encrypt entire installation" which refers to a single drive.
The arch wiki explains how to make your lvm, make the containers and set up a password but nothing else. How am i supposed to merge the opened containers with the GUI installer from a distro?
>>
>>57841608
I didn't understand what you said. I have used several distros in a ssd+hdd lvm+luks setup.
(it's easy, really)
Please explain more clearly what you did and where you stopped.
>>
>wants to encrypt hard drive
>doesn't know CLI
nigger
>>
>>57841608
>None of the usual GUI installers have options to do that, only a box that says "encrypt entire installation" which refers to a single drive.
Also, they do. Just choose manual partitioning.
>>
>>57841721
What does one thing have to do with the other?
>>
>>57841703
Downloaded xubuntu as a common distro and ran a VM to test again, this is where i get stuck.
>>
>>57842015
I don't think I understood it correctly. Do you have two physical volumes, one encrypted and one not, and you create a lvm over both? That don't make much sense.
Encrypt sda2 and sdb1, then create the lvm over it.
After that you are basically done. The partitions should show up in the installer when clicking "advanced partition layout". Install normally.
Then create /etc/crypttab on the target, chroot and install grub.
>>
>>57842139
Maybe i'm fucking up the partitioning because i'm stupid.
I have two physical drives, i'd like to have root and swap on sda and home on sdb, both drives encrypted with a single passphrase.
>chroot and install grub
Care to explain to a pleb?
>>
>>57842253
Run luksFormat on sda2 and sdb1.
luksOpen both.
Create your volume groups.
Create you logical volumes, to specify a physical volume for each partition just add it's path at the end of the lvcreate command.
Mount the root partition on /mnt/root
mount -t proc proc /mnt/root/proc/
mount -t sysfs sys /mnt/root/sys/
mount -o bind /dev /mnt/root/dev/
chroot /mnt/root
grub-mkconfig
grub-install /dev/sda
should work
>>
>>57842431
>grub-mkconfig
>grub-install /dev/sda
I don't remember if that is the correct order. So run mkconfig after install again.
>>
>>57842253
I have to sleep. I hope it worked for you, you dense weaboo, proprietary faggot.
>>
>>57840635
>full-volume
E L E V E N
L
E
V
E
N
>>
>>57840743
Ubuntu has an option to encrypt the volume when you do a fresh install. No idea of any details about it though.
>>
>>57841093
>>57841153
>recommending a encryption solution that grants people a root shell just by holding down the enter key for 70 seconds
sounds secure
http://securityaffairs.co/wordpress/53494/breaking-news/cve-2016-4484-linux.html
>>
>>57844506
Do you even read what you post?
>The experts highlighted the fact that anyway the attacker is not able to access to to the contents of the encrypted drive.
Dumb meme poster, I bet you saw the headlines in some shit tech consumerist site and thought you are the smartest retard on earth.
Also, learn what the initram is and does.
Thread posts: 33
Thread images: 2
Thread images: 2