Installing ecryptfs in BT4.
This guide is a simple one to get encryption setup. This is not the best way of doing things
However it is probably the quickest and easiest to do.
First things:
-----------------code------------------------------
root@bt:~# apt-get install ecryptfs-utils
Reading package lists... Done
The following NEW packages will be installed:
ecryptfs-utils libecryptfs0 libtspi1
0 upgraded, 3 newly installed, 0 to remove and 19 not upgraded.
Need to get 331kB of archives.
After this operation, 1212kB of additional disk space will be used.
Do you want to continue [Y/n]? y
-----------------code------------------------------
After the install is complete before you go on READ THE MAN PAGE and the faq
-----------------code------------------------------
root@bt:~# man ecryptfs
root@bt:~# /usr/share/doc/ecryptfs-utils/ecryptfs-faq.html
-----------------code------------------------------
See also the web page at http://ecryptfs.sourceforge.net/
This is important for your security.
Next run the setup
-----------------code------------------------------
root@bt:~# ecryptfs-setup-private
Enter your log in passphrase: enter your actual log in info here
Enter your mount passphrase [leave blank to generate one]:
************************************************************************
YOU SHOULD RECORD THIS MOUNT PASSPHRASE AND STORE IN A SAFE LOCATION:
a706b05233346537fa28121a40e2040ce
THIS WILL BE REQUIRED IF YOU NEED TO RECOVER YOUR DATA AT A LATER TIME.
************************************************************************
Done configuring.
Testing mount/write/umount/read...
Testing succeeded.
-----------------code------------------------------
Once this is done there will be a new directory created called Private
Since I did this with the root user account it is stored in /
Inside this directory is a readme read it before proceeding.
So in order to use your new encrypted directory you will need to log out and back in.
Now your log in passphrase along with the aforementioned mount passphrase will be used to mount the directory Private. There are caveats to using this type of system. Only data you store in Private is encrypted. Any data saved or collected while browsing the internet that is stored elsewhere on the system will be not be encrypted. If you have a swap partition it will not be encrypted either. As with most encryption systems if you leave physical access or access to the encrypted container open (suppose you leave the computer and go out for a coffee, without logging out) then again the data would be accessible. Also when you log out the folder will show that there is encrypted data in the directory.
No comments:
Post a Comment