Tag Archives: encryption

encrypted file-partition

How to create:

dd if=/dev/urandom of=/home/user/.hide bs=1GB count=10
dd if=/dev/urandom of=/home/user/.keyfile bs=1KB count=2
losetup /dev/loop1 /home/user/.hide
badblocks -s -w -t random -v /dev/loop1
cryptsetup luksFormat /dev/loop1 -d /home/user/.keyfile
cryptsetup luksOpen /dev/loop1 secret -d /home/user/.keyfile
mkfs.ext4 -j /dev/mapper/secret
e2fsck -f /dev/mapper/secret

How to mount:

losetup /dev/loop1 /home/user/.hide
cryptsetup luksOpen /dev/loop1 secret -d /home/user/.keyfile
mount /dev/mapper/secret /mnt/hide/

How to umount:

umount /mnt/hide
cryptsetup luksClose secret
losetup -d /dev/loop1

Arch: encrypted partition above lvm

1. Create two partitions:
sda1 — for /boot
sda2 — for lvm

2. Create lvm partitions:
/
/home
swap

3. Encrypt partitions with «cryptosetup luksFormat»

4. Example of /boot/grub/menu.lst:
title Arch Linux Crypto
root (hd0,0)
kernel /vmlinuz26-lts cryptdevice=/dev/local/root:root root=/dev/mapper/root ro
initrd /kernel26-lts.img

5. Setup crypttab:
home            /dev/local/home         /etc/cryptfs.key
swap            /dev/local/swap         /etc/cryptfs.key

6. Setup fstab:
add there devices names of unencrypted devices like «/dev/mapper/root», example:
tmpfs /tmp tmpfs nodev,nosuid 0 0
LABEL=localboot /boot ext2 defaults 0 1
/dev/mapper/root / ext4 defaults 0 1
/dev/mapper/home /home ext4 defaults 0 0
/dev/mapper/swap swap swap defaults 0 0

7. Edit /etc/mkinitcpio.conf
HOOKS="base udev autodetect pata scsi sata lvm2 encrypt filesystems usbinput"

8. Regenerate initrd:
mkinitcpio -p kernel26-lts

cisco: set passwords

Test1>en

Test1#conf t

Test1 (config)#service password-encryption

 

Console passwords:

Test1>en

Test1#conf t

Test1 (config)#line console 0

Test1 (config-line)#password clipass

Test1 (config-line)#login

Test1 (config-line)#exit

 

Vty pass:

Test1 (config)#line vty 0 4

Test1 (config-line)#password vtypass

Test1 (config-line)#login

Test1 (config-line)#exit

 

Enable priveleges:

Test1 (config)#enable password mypassword

Test1 (config)#enable secret mysecret

crypto: gpg

gpg --list-keys // get a list of all keys installed in the system
gpg --list-sigs // get a list of all the keys in the system (with all signatures)
gpg --sign-key ID // to sign a key with a specific ID
gpg --import KEY // import the key into the system
gpg --export -a -o KEY.asc ID // export the key in ascii format to a file KEY.asc

psi encryption

Activationg encription in PSI (Best jabber client)
In order to PSI under (k) ubuntu has been active selection button pgp (gpg) key must install the appropriate plug-in:
aptitude install libqca2-plugin-gnupg
or emerge app-crypt/qca-gnupg in gentoo linux


First, you must identify your account with your key for this:
Open your account settings
Click the item «modify».
Select the tab «details».
Click on the button «select key».
Choose your key and click «OK».

Once you perform this operation, the program at startup will ask you to enter a password to your private key. This is normal, since the operations of your correspondents decrypt messages and sign their communications needs access to your private key.

Next you need to associate a user account (your correspondent), with its key.
To do this:
In the Contacts program (roster) choose the correspondent, whose key you imported is signed and assigned him to the level of confidence
Click on the right mouse button and select «Set Key OpenPGP».
In the window that opens, select the key of the correspondent.
Presses «OK».

To activate encryption when communicating with your buddies, click on the lock symbol, which will be active in the bar of the dialog. In private communication you will receive a colorful message from the program in the dialog box that encryption is enabled.