UbuntuHelp:HardyEncryptedWholeDisk
来自Ubuntu中文
 |
点击翻译: |
English |
请不要直接编辑翻译本页,本页将定期与来源同步。 |
目录
Whole Disk Encryption with Hardy Heron 8.04
Skill: High Complexity: High estTimeToComplete: 1.5 hours (excluding. radomizing disks) This will chronicle setting up your system (server/desktop) with whole disk encryption. It is the first step before creating a two-form-factor installation. Previous documentation focused on creating a whole disk encrypted system via installation in a temporary partition. This is not necessary with Hardy Heron which is able to create an whole disk encrypted system during the installation. The desktop version installation does not include any of the utilities required for 'out-of-the-box' encryption. The server version of the installation must be used. Additionally, while there was an effort to enforce the highest key size and hash options for the cryptsetup for the disk partition, those settings were ignored. From the MAN pages cryptsetup(8) and other Google resources, and regardless of the LUKS On-Disk Format Specification Ver 1.1 Feb 18, 2006 the hash value is ignored and the key size is limited to /proc/crypto max key size. The hash will always be SHA1 in HMAC mode. And the key size will be limited to the min/max values for your chosen encryption and architecture regardless of your desire for larger key sizes. Considering this behavior, Hardy Heron correctly and rightly presents the highest encryption options during the disk partitioning for encrypted volumes; That is the maximum key size of 256bits/32bytes, and the more robust encryption/iv of (aes)cbc-essiv.
| Consider these excellent documents for related encryption information and methods. | > |
Randomize Disks
Hardy Heron does not pre-randomize prior to partitioning. If you are concerned with leaking the size your encrypted partitions relative to the physical disk volume you will need to randomize the disks. NOTE: This assumes virgin disks. If you are utilizing re-purposed disks and are concerned with the data they once contained being forensically available please consider Darik's Boot and Nuke DoD grade disk wipe. NOTE: It appears that Hardy Heron partman-crypto can perform a disk wipe when the option to `Erase Data` is selected. However, based on source this appears to only write ZEROS/0. You can/should manually randomize the disks before partitioning by connecting to a virtual terminal via Alt-F2 during the installation. Highest Security This will take the longest but affords the highest entropy:
dd if=/dev/random of=/dev/{YOUR_DEVICE}
Medium Security For roughly half the time as using /dev/random while still affording decent entropy use /dev/urandom:
dd if=/dev/urandom of=/dev/{YOUR_DEVICE}
Lowest Security A suggestion from Uwe Hermann - "Overwrite the whole drive with random data in order to slow down attacks on the encryption. At the same time perform a bad blocks scan to make sure the hard drive is not going to die too soon..." In testing this took considerably less time. However, this was likely at the expense of higher entropy:
badblocks -c 10240 -s -w -t random -v /dev/{YOUR_DEVICE}
Least Security Doing nothing to randomize your disks prior to partitioning or relying on the `Erase Data` partition option.
Hardy Heron 8.04 SERVER
The desktop version installation does not include any of the utilities required for 'out-of-the-box' encryption. The server version of the installation must be used. Installing the server version first reduces installation times, minimizes the disk consumed and avoids the initial clutter of a gui desktop for the encrypted setup. There is an included optional step towards the very end which will install the ubuntu-desktop. I install the server in expert mode. Thankfully, the disk partition utility can accommodate most any combination of encrypted/lvm/filesystem setups. It is no longer necessary to install into a temporary partition. (Yeah!) Guided - use entire disk and set up encrypted LVM was selected since this particular partitioning scheme is sufficient with the Seperate /home, /usr, /var and /tmp. It defaults to EXt3 filesystems and sizes that it determines. You can 'Go Back' to change those before committing or use the 'Manual' disk partitioning to do your own layout. With the Guided - use entire disk and set up encrypted LVM the entire disk is first setup with encryption. You will be prompted for a strong passphrase. Then LVM is laid atop the crypt partition sda#_crypt with logical volumes and pre-calculated sizes created for all the filesystems (/var,/tmp,/home ...). Then EXT3 and swap filesystems are created for those logical volumes. Note: There does not appear to be any means for specifying/changing the name for encrypted partition. The name will default to sda#_crypt or something similar based on your disk devices. The boot volume /boot must be unencrypted as GRUB can't handle decrypting a boot partition. Also, note that an XFS /boot partition may be problematic. A general rule of thumb 1.25 to 2 times physical RAM for the swap partition. Again, should you have particular encryption options, layout/size requirements or filesystem choices then select the 'Manual' disk partitioning option.
Install Server Base
There is a wealth of documentation for installing Ubuntu Hardy Heron 8.04 Server. Please refer to those documents if necessary. Configure the package manager and enable the desired resources. Using the 'Alternative' installation media for an OEM installation does not appear to offer encrypted disk configuration. Once the server installation is complete, the install media ejected, and the host rebooted you should be prompted for the sda#_crypt passphrase to unlock the disk and continue.
Optional
Install Ubuntu Desktop
It is really quite painless and effective. I'm quite impressed! Enjoy the eye-candy!
apt-get install ubuntu-desktop
Setup Two Form Factor Whole Disk Encryption
If you've successfully booted into the single form factor encrypted whole disk installation then you can continue setting up the system with the USB cryptKey for Two Form Factor authentication.
Potential Security Vulnerabilities/Vectors and Solutions
Previously Used Disks
If you are utilizing disks which contained unencrypted data and you want to assure with a high confidence that the original data cannot be recovered forensically, you will need to perform multiple wipes. The Ultimate Boot CD (UBCD) contains Darik's Boot and Nuke which is helpful for military grade disk wipes.
Unencrypted Boot Partition on the Host
With boot volume on the host kernel updates are convenient. However, without physical security of the host the initramfs image is vulnerable. Unless you take measures to check the boot initramfs image for un-authorized changes an interloper may alter the initramfs boot image and insert code that may intercept and redirect any accessible keys/files.
- Install the /boot volume on a USB flash drive. (Perhaps the 'strongest' protection to the problem. The 'keys' are more likely to stay in your possession.
- A hash checksum of the boot kernel and image presented before mounting. (Weak - adulterated initramfs image could report original numbers - fake out) It still might be advisable to checksum the /boot after /root mounted. Maybe an unnspecified script to report on the checksum and compare to the previous startup values. Brake booting if different for confirmation of changes. (thinking that the unidentified script would be outside of the initramfs ability to affect...)
- Encrypted /boot with GRUB able to prompt for passphrases to unlock the LUKS partitions. (Weak? - Now we have to trust GRUB hasn't been attacked. It is integral and bound to the hardrive partitions.) Could GRUB be loaded on a USB device?
Stored Passphrases
- Don't store passphrases.
- If stored, assure they too are stored encrypted. However, backups could compromise plausible deniability if discovery of such media/medium exists.
URandom Entropy
`urandom` does not have the highest entropy that `random` offers.
- Use 'random' when you can afford the painful time penalty for disk randomization.
Creative Commons License
Author: James B. Crocker EMail: [email protected] [1] This work is licensed under a Creative Commons Attribution-Share Alike 3.0 License.
![[1]](http://i.creativecommons.org/l/by-sa/3.0/88x31.png){kind=link}