SDB:Encrypted root file system (deprecated)

This article describes how to set up a system that is encrypted as a whole, not only the personal or user data or a separate encrypted partition for /home, on deprecated (old and unsupported) openSUSE versions. If you are using openSUSE 11.2 or newer, ignore this page and go straight to SDB:Encrypted_root_file_system

The only drawback to encrypting the root file system is that it is not currently supported by the SUSE installation routines. There are several articles on the Web discussing various procedures for encrypting the root file system for other Linux distributions[8] [8] [9]. Unfortunately, these instructions do not quite work in their entirety for SUSE. On further inspection, this is not surprising, since working with an encrypted root system requires some tinkering with the boot process and this is one of the areas in which the various distributions compete against each other for market share [citation needed].

The main purpose of this HOWTO then, is to set forth the openSUSE specific instructions for working with an encrypted root file system. In doing so, this HOWTO draws on previous work from other distributions [8] [8] [9] and tries to suggest the minimal amount of changes to the openSUSE installation and boot processes so as to create a procedure that easily works with mainstream openSUSE. (Although designed for use with openSUSE, some variation of these procedures may work for other Linux distributions as well, but have not been tested on anything else.)

As of openSUSE 11.1, this is still a manual (but not that difficult) process. However, this is now discussed in openFATE, see #305633: Support installation with encrypted root file system.
If you are willing to use LVM, then it is already possible to trick the installer to directly install into an encrypted root as described here by Ludwig Nussel. Note that this will not work without LVMs.


Preliminaries

Prerequisites

  • An openSUSE 10.3 (or newer) installation source media.
  • A computer that meets the system requirements of openSUSE 10.3 (or newer).

Workflow

Since the openSUSE installation procedure does not yet support encrypting the root file system, the next best approach would be to use a live CD for running Linux, then create the encrypted root partition on the hard disk. However, a live CD is not included in the standard SUSE distribution [citation needed] and creating one is more time consuming than the procedure described here. (An alternative approach, which is less work than creating a live CD, would be to install SUSE onto a USB flash disk, run Linux from there, then create the encrypted disk partitions.) Finally, the pragmatic approach taken here is to create two partitions, install SUSE on one partition, encrypt the other, then copy SUSE from the first partition to the second [9].

Note: An openSUSE 10.3 Live CD has been released. Unfortunately, an x86_64 edition has not yet been released, so this method is still necessary for those computers.

A high level view of the workflow for the proposed procedure is:

  1. Install openSUSE, designating one partition temporarily as root.
  2. Make sure we have all the tools we need to continue.
  3. Create an encrypted swap partition.
  4. Create an encrypted partition on one of the remaining partitions.
  5. Copy the root file system into the new encrypted partition.
  6. Create a new initial ram disk (initrd) to boot the system
  7. Test the system to see that the boot procedure works for the new partition.
  8. Erase the original root partition and replace it by another encrypted file system for holding the user file system.

LINUXLAPTOP: For openSUSE 11.1 installed on an external USB disk, a summary of the commands is given at the end of this article.

Installing openSUSE

As a laptop is generally a single user machine, one can use a relatively simple disk partitioning scheme, e.g. one partition for swap, one for the root file system mounted at “/” and one for the user file system mounted at “/home”. Generally, the largest partition is reserved for /home; however, due to the limitations of the installation procedure, the root file system will first be installed into the partition that will later be used for the user file system (normally, the largest partition), then copied onto the smaller partition once the encrypted file system is in place.

Each of these three partitions will be encrypted, therefore, to boot the system, we require an additional small, unencrypted partition containing the boot files. This partition will be mounted at “/boot”. There are two options for creating the boot partition: either put it on the same disk, or on an external media such as a USB flash disk (USB memory stick). (See the #FAQ for a discussion of the various alternatives.)

For correct partitioning, one needs to enter the expert partitioner mode when the installation process is started.

For the boot partition, reserve at least 40 MB, or more if multiple kernels are to be available. (75 MB is probably the safer choice and on most modern laptops there is enough room to spare on the hard disk.) This partition needs the mount point “/boot”.

For those using a USB flash disk, plug it in before booting the computer with the installation CD in the disc drive. openSUSE should recognize the USB flash disk along with the computer's other disks and display it in the list of disks in the “Expert partitioner” menu. Format the USB flash disk with a Linux file system (ext2 will suffice) and mount it at “/boot”. Furthermore, in the “fstab Options” dialog, tick the box “Do Not Mount at System Start-up”. This is necessary because the USB device nodes are created only after the boot.localfs script has tried to mount the entries listed in fstab. (You can always mount the USB flash disk by hand later; do so before any kernel update, otherwise the new kernel and initrd land in the empty /boot directory on the encrypted root and the machine keeps booting the old ones from the stick.)

For the sake of discussion assume the partition table looks like this:

device      mount point   notes
/dev/sda1   /boot
/dev/sda2   swap          This will become the encrypted swap.
/dev/sda3   /home         This will become the encrypted root.
/dev/sda4   /             This will become the encrypted home.

(As noted before, the idea is to first install the root partition on sda4, then create an encrypted file system on sda3, copy the root system from sda4 to sda3 and finally create another encrypted partition on sda4 for the users file system.)

In the package selection, ensure that the package “cryptsetup” is installed.

Complete the installation and log in as root. (Do not log in as a normal user, since the mount point for the user's file system will be changed.)

At this point, one has to select the encryption software. There are several options available for Linux, such as “cryptsetup” [10], “loop-aes” [2] and “truecrypt” [3]. This HOWTO discusses the procedure for cryptsetup, as it is the simpler package to use [1] [4] [8] [22] [28]. (For system managers, the main advantage of LUKS is that a single partition can have several passphrases, one per key slot, so a passphrase can be added, changed or revoked without re-encrypting the data. This also helps in recovering encrypted data when users forget their passphrase.)

Preparing the tools

In openSUSE 10.3, mkinitrd works out of the box if we correct a typo in the script /lib/mkinitrd/scripts/setup-luks.sh .

In the line,

luks_blockdev="$luks_blockdev $lucksbd"

We must replace “$lucksbd” by “$luksbd” (notice the letter “c”). After doing this, everything should work fine.

NOTE: This issue has been resolved with mkinitrd-2.1-36.2. So an alternative to this is installing this package.

CAVEAT: As of 2008-02-02 and mkinitrd-2.1-36.4, there is still a problem that prevents using a Linux soft RAID partition as the partition where the LUKS encrypted partition resides on, see https://bugzilla.novell.com/show_bug.cgi?id=358341. The problem is easy to fix by applying the patch to /lib/mkinitrd/scripts/setup-luks.sh that is attached to this Bugzilla report, but be aware that updates to the mkinitrd package will overwrite that change and then, after another kernel update, your system will no longer boot.

ICEBERG: As of 2008-05-12 and mkinitrd-2.1-36-5 luks encrypted partitions are not automatically found by mkinitrd. Workaround: open /lib/mkinitrd/scripts/setup-storage.sh and add your partitions to the variable blockdev in the last line of the script, e.g.:

blockdev="$(resolve_device Root $rootdev) $(resolve_device Resume $resumedev) $(resolve_device Journal $journaldev) $(resolve_device Dump $dumpdev) /dev/mapper/home /dev/mapper/swap"

LINUXLAPTOP: A similar extension was required for encrypting an openSUSE 11.1 laptop installation on an external USB drive (see [30]).

Create an encrypted swap partition

To gain familiarity with the encryption software, practice by encrypting the swap partition. (If anything goes wrong it is easy to repair.)

One of the advantages of the LUKS system [10] [28] is that the supplied password is not used directly for the encryption: a random master key (128 bits by default; the --key-size 256 option used below makes it 256 bits) is generated, and this master key is stored encrypted under a key derived from the supplied password and a randomly generated salt. Each partition therefore has its own master key and salt, so it is safe and convenient to use the same password to protect the master key of every partition. (The alternative, a different password for each partition, is very inconvenient and offers little in the way of increased security.) Therefore, before proceeding, select a good password that is immune to dictionary attacks and infeasible to guess by brute force; the passphrase, not the cipher, is the weakest point of this setup.

First, one needs to load some kernel modules which may not have been loaded by default. (Later these will be loaded by the initrd.)

modprobe dm-mod
modprobe dm-crypt
modprobe aes
modprobe sha256
modprobe sha1

[N.B. - with stock 11.1 I had to use `modprobe sha256_generic; modprobe sha1_generic`.] The first module is the device mapper, the second is the device mapper encryption target, the third is the default cipher, the fourth is the hash used by the ESSIV IV generator (the “sha256” in cbc-essiv:sha256) and the fifth is the default LUKS hash spec, used to derive the key-slot key from the passphrase.

Turn off the existing swap:

swapoff /dev/sda2

Fill the swap partition with random data. (This will take a few minutes.)

dd_rescue /dev/urandom /dev/sda2

Initialize the encrypted swap device using the command:

cryptsetup -v --key-size 256 luksFormat /dev/sda2

This command first asks for confirmation (type YES in uppercase), then for the passphrase, and writes a LUKS header to the partition. With the cryptsetup versions shipped for these releases the luksFormat defaults are AES in cbc-essiv:sha256 mode with a 128-bit master key; --key-size 256 selects a 256-bit key instead. Because the manual page of that era is not explicit about the mode, check what was actually written with luksDump (next step) rather than relying on the defaults. AES itself is the NIST standard [11] and is approved by the NSA for protecting classified data [12] [13] (neither body has endorsed this particular software package), and ESSIV is the IV mode that closes the watermark weakness discussed in the #FAQ.

Important note: If you get a “Command failed” error, be certain you read the instructions very carefully and follow them, regarding the confirmation.

To view the LUKS partition header information use:

cryptsetup -v luksDump /dev/sda2

Now open the new encrypted partition:

cryptsetup -v luksOpen /dev/sda2 swap

This should have created a new mapped device in /dev/mapper/ called swap. To use this as a swap device, add a swap file system and turn the swap back on.

mkswap /dev/mapper/swap
swapon /dev/mapper/swap

If you use the command “free”, you should be able to see the new swap space.

The device mapper is a thin software layer responsible for all I/O to the underlying device. In this case its job is to perform data encryption and decryption.
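The check asked for above (does the header really say aes, cbc-essiv:sha256 and a 256-bit master key?) can be automated. The following POSIX shell function is an added example for this page, not code from the wiki or from cryptsetup: it reads luksDump output on standard input, fails unless the cipher, mode and master-key size match, and lists the enabled key slots, so that a slot you did not add (someone else's passphrase on your volume) stands out. The sample dump is constructed for the example; its digests, salts and UUID are placeholders.

```sh
#!/bin/sh
# check_luks_header [CIPHER] [MODE] [MK_BITS]
# Read "cryptsetup luksDump" output on stdin and verify the LUKS1 header
# carries the settings this HOWTO relies on (defaults: aes, cbc-essiv:sha256,
# 256-bit master key).  Also lists the enabled key slots so that a slot you
# did not add stands out.  Added example for this page, not code from the
# wiki or from cryptsetup.  Usage:
#     cryptsetup luksDump /dev/sda2 | check_luks_header
check_luks_header() {
    awk -v want_cipher="${1:-aes}" \
        -v want_mode="${2:-cbc-essiv:sha256}" \
        -v want_bits="${3:-256}" '
        /^Cipher name:/ { cipher = $3 }
        /^Cipher mode:/ { mode   = $3 }
        /^MK bits:/     { bits   = $3 }
        /^Key Slot [0-7]: ENABLED/ { sub(":", "", $3); slots = slots " " $3; n++ }
        END {
            ok = 1
            if (cipher != want_cipher) { print "cipher " cipher " (want " want_cipher ")"; ok = 0 }
            if (mode   != want_mode)   { print "mode "   mode   " (want " want_mode ")";   ok = 0 }
            if (bits   != want_bits)   { print "MK bits " bits " (want " want_bits ")";    ok = 0 }
            if (n == 0)                { print "no enabled key slot, header cannot be opened"; ok = 0 }
            print "enabled key slots:" slots
            if (n > 1) print "note: " n " slots enabled; remove any you did not add with luksKillSlot"
            exit (ok ? 0 : 1)
        }'
}

# Constructed sample of luksDump output for a header created with
# "cryptsetup --key-size 256 luksFormat"; digests, salts and the UUID are
# placeholders, not values from a real device.
SAMPLE_DUMP='LUKS header information for /dev/sda2

Version:        1
Cipher name:    aes
Cipher mode:    cbc-essiv:sha256
Hash spec:      sha1
Payload offset: 4040
MK bits:        256
MK digest:      (placeholder)
MK salt:        (placeholder)
MK iterations:  10000
UUID:           00000000-0000-0000-0000-000000000000

Key Slot 0: ENABLED
        Iterations:             40000
        Salt:                   (placeholder)
        Key material offset:    8
        AF stripes:             4000
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED'

# A header made without --key-size keeps the 128-bit default and is rejected.
WEAK_DUMP=$(printf '%s\n' "$SAMPLE_DUMP" | sed 's/^MK bits:.*/MK bits:        128/')

if [ $# -eq 0 ]; then
    printf '%s\n' "$SAMPLE_DUMP" | check_luks_header && echo "sample header: OK"
    printf '%s\n' "$WEAK_DUMP"   | check_luks_header || echo "weak header: rejected as expected"
fi
```

Run it after every luksFormat and again whenever the machine has been out of your hands: the expected output for a freshly formatted partition is a single line naming key slot 0.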

Create an encrypted file system on one of the remaining partitions

Having practiced with swap, it is now time to proceed to the root file system.

Unmount /home, to prepare the new root file system.

umount /dev/sda3

Filling Disks with random Data

Warning: All of the following commands will delete the data on your partitions, so use with caution!

There are a few different options for how the partition should be filled with random data before it is encrypted. The point is that afterwards every sector, used or not, looks like random data: an attacker who obtains the disk (lost, stolen or seized) cannot tell how much of the partition holds data, where it is, or which sectors have changed since the file system was created. Some options are better than others, and more or less time consuming depending on the hardware being used. The methods currently available are: /dev/urandom, encrypted /dev/zero, or the shred/wipe method.

Option 1: /dev/urandom

This fills the device or partition with data from the kernel's pseudo-random generator. It is the easiest method to use, but on modern hardware it is about seven times slower than the method below, because every byte has to be produced by the kernel PRNG, whereas the encrypted-zero method only runs the disk encryption itself (see the measurement under option 2).

Option 2: encrypted /dev/zero

The fastest method is to initially fill the beginning (e.g. 2 MB) of the disk with /dev/urandom:

dd_rescue -m 2M /dev/urandom /dev/sda3

and then run luksFormat and luksOpen (see below). Now you can fill the decrypted logical disk (/dev/mapper/my_encrypted_partition) from /dev/zero

dd_rescue /dev/zero /dev/mapper/my_encrypted_partition

This will fill the decrypted disk with zeros which will be encrypted and saved to your physical device. This will be indistinguishable from semi-random data on the physical disk and is much faster.

On a 64-bit Dell M4400, this method wrote at approximately 50 MB per second, whereas reading from /dev/urandom ran at approximately 7 MB per second, an improvement of over seven times. The trade-off is that the filled area is then a known plaintext (all zeros) encrypted under the volume key, which is in principle more useful to a very well-resourced attacker on the cipher than truly random filler; with AES this is not a practical concern, and it does not matter anyway unless the LUKS passphrase is strong enough (the original author suggests at least 40 characters) that the cipher rather than the passphrase is the weakest link.

Option 3: shred/wipe

One of the slowest options, but perhaps more secure. Name: "shred - overwrite a file to hide its contents, and optionally delete it" Description: "Overwrite the specified FILE(s) repeatedly, in order to make it harder for even very expensive hardware probing to recover the data."

shred can do many passes over the disk depending on the options given, with data taken from /dev/urandom by default (this can be changed). Its -v option shows the progress of the fill, which is useful on large partitions. On the other hand, dd_rescue with the default options mentioned in this HOWTO is faster than shred.

Doing it

Now fill /dev/sda3 with random data using option 1 from above. (Depending on the size of the partition and the speed of your CPU, this may take from tens of minutes to a couple of hours; on an Intel Core2Duo E8400 writing 60 GB to SATA 3.0 HDDs took around 3 to 3.5 hours.)

dd_rescue /dev/urandom /dev/sda3
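A fill that is interrupted (the command killed, the laptop suspended, a disk error) leaves the tail of the partition as zeros, which an attacker can tell apart from ciphertext at a glance. As an added check that is not part of the original page, the following POSIX shell function samples 4 KiB blocks spread across the device, including the last one, and fails if any is all zeros. It uses blockdev --getsize64 for block devices and wc -c for image files; the function name and the images used in the test are constructed for this example. Run it as root against the partition after dd_rescue has finished and before luksFormat.

```sh
#!/bin/sh
# check_fill DEVICE [SAMPLES]
# Sample SAMPLES (default 16) evenly spaced 4 KiB blocks plus the last block
# of DEVICE and report any that are entirely zero.  After a complete
# dd_rescue /dev/urandom run every sampled block must be non-zero; zeros mean
# the fill stopped early.  Added example for this HOWTO, not code from the
# page; works on block devices (needs root) and on image files.
check_fill() {
    dev=$1
    samples=${2:-16}
    bs=4096
    if [ -b "$dev" ]; then
        size=$(blockdev --getsize64 "$dev")   # util-linux; avoids reading the whole device
    else
        size=$(wc -c < "$dev")
    fi
    nblocks=$((size / bs))
    if [ "$nblocks" -lt 1 ]; then
        echo "$dev: smaller than one $bs-byte block"
        return 1
    fi
    [ "$samples" -le "$nblocks" ] || samples=$nblocks
    stride=$((nblocks / samples))
    zero=0
    i=0
    while [ "$i" -le "$samples" ]; do
        if [ "$i" -eq "$samples" ]; then
            skip=$((nblocks - 1))            # always look at the very last block
        else
            skip=$((i * stride))
        fi
        # od prints the block as hex bytes (-v: do not collapse repeated lines);
        # stripping spaces, newlines and the digit 0 leaves nothing only if
        # every byte was 0x00
        hex=$(dd if="$dev" bs=$bs skip=$skip count=1 2>/dev/null | od -An -v -tx1 | tr -d ' 0\n')
        if [ -z "$hex" ]; then
            echo "$dev: block $skip (byte offset $((skip * bs))) is all zeros"
            zero=$((zero + 1))
        fi
        i=$((i + 1))
    done
    if [ "$zero" -ne 0 ]; then
        echo "$dev: $zero of $((samples + 1)) sampled blocks are zero, fill incomplete"
        return 1
    fi
    echo "$dev: $((samples + 1)) sampled blocks are non-zero"
    return 0
}

# Usage when run as a script:  check_fill.sh /dev/sda3
if [ $# -gt 0 ]; then
    check_fill "$@"
fi
```

Sixteen samples cannot prove the whole partition is random, but a fill that died part way through leaves a contiguous zero tail, and the last-block sample catches that case every time.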


Once the dd_rescue command has finished, create the device mapping for the root partition by following the same procedure for swap. (Be sure to use the same password to enable a single sign-on.)

cryptsetup -v --key-size 256 luksFormat /dev/sda3

To view the details of the encrypted partition use:

cryptsetup luksDump /dev/sda3

Now open the encrypted partition

cryptsetup luksOpen /dev/sda3 root

As before, this should have created an entry in /dev/mapper/, but this time called root.

Again, one needs to create a file system on the new device. (ext3 is the default file system for openSUSE 10.3; use the same file-system type the system was installed with, so that the copied fstab, the installed tools and the modules in the initrd match the new root.)

/sbin/mkfs.ext3 -O dir_index,resize_inode /dev/mapper/root

Copy the root file system into the new encrypted partition

Once the new encrypted system is created, the complete root file system must be copied to this new file system. First, it has to be mounted somewhere:

mkdir /mnt/root
mount /dev/mapper/root /mnt/root

There are many methods for copying files, but of the common ones only rsync preserves all attributes (ACLs, extended attributes, hard links and sparse files) and can show progress. There is no need to copy the contents of the special file systems /dev, /proc and /sys, since these are re-created when the system boots.

The following rsync invocation stays on the root file system (-x), so those mount points are created as empty directories, while -a, -H, -A, -X and -S preserve ownership, permissions, times, hard links, ACLs, extended attributes and sparse files:

rsync -AHSXax / /mnt/root/

cd to /mnt/root/etc and open fstab in any text editor. Change the entry for /dev/sda3, the former home-partition, into:

/dev/mapper/root     /      ext3    acl,user_xattr        1 1

Now, when this partition is mounted, all I/O to the root file system passes transparently through the device mapper.

Likewise, add an entry in fstab for the encrypted swap, deleting any other swap entries which might be present:

/dev/mapper/swap   swap     swap    defaults              0 0

In addition, the entry for /dev/sda4, the former root-partition, should be written as:

/dev/sda4          /home    ext3    acl,user_xattr        1 2

Create a new initial ram disk (initrd) to boot the system

In order to use the new encrypted root file system, it must be decrypted when the system is booted. This job is best handled by a specially crafted initial ram disk (initrd) [15]. (One could also use an initial ram file system (initramfs) [8] [27], though this requires recompiling the kernel.) Normally, openSUSE creates the initrd to perform operations like loading device drivers specific to the computer being booted. This enables them to ship a generic kernel, then use loadable kernel modules to configure the kernel for specific user needs.

While one can in principle create the initrd by hand [15] [16], this is an error prone procedure requiring regeneration whenever the hardware configuration or kernel changes. It is also not necessary since SUSE provides the mkinitrd package [17] for automatically generating the initrd. The approach taken here is to modify the driving script, mkinitrd, to automatically create the necessary initrd required for an encrypted root file system.

Before using it the first time it would be wise to make a backup of the existing initrd residing in /boot. The best approach would be to copy it to another file (e.g., init-orig) in /boot so that it can be used as a backup in case something goes wrong.

To use mkinitrd type:

mkinitrd -d /dev/mapper/root -f "dm luks"

The option "-d /dev/mapper/root" denotes the location of the new root device and must be given the first time this version of mkinitrd is run. Once the system is running from the encrypted root partition, this option is no longer necessary. The option '-f "dm luks"' tells mkinitrd to enable the dm and luks features.

What the new mkinitrd does is to examine the devices in "/dev/mapper" to determine which ones use encryption and what ciphers need to be loaded into the kernel at boot time. It then adds a small section to the init script to query the password during the initial boot phase and decrypt all the file systems.

Note: I had to use: "yast2 --> system --> editor for /etc/sysconfig --> system --> kernel --> initrd_modules --> add dm-mod dm-crypt aes_i586 blkcipher" to enable the right modules while booting. Maybe you also need the "lrw" module, if you want to use a cipher like aes-lrw-benbi.

Create an entry in the bootloader menu for the new root file system

The final step is to create a new entry in the Grub menu for the encrypted partition. Edit the boot menu and create a NEW entry which contains the new parameters. It might look something like this:

/boot/grub/menu.lst

###Encrypted root###
title openSUSE 10.3 - encrypted
   root (hd0,0)
   kernel /vmlinuz-VER-default root=/dev/mapper/root luks_root=/dev/sda3 luks_swap=/dev/sda2 luks="root swap" vga=0x317 resume=/dev/mapper/swap splash=silent showopts
   initrd /initrd-VER-default

It is recommended, NOT to delete the old entries, until one is sure the system is booting properly. (Note: One needs to modify the old entries to use the old initrd which was saved for exactly this purpose.)

Now, close all open files and try to boot using the encrypted partition. You will have to type in your password once for each encrypted partition.

Note: If you are using a docking station, you may have to use the laptop keyboard to enter the decryption password.

Note: If you are using a USB flash drive, you may need to adjust your BIOS settings so that the USB device comes before the hard disk in the boot order.

Erase the original root partition and replace it by another encrypted file system

After checking that everything is working, proceed to erase the original root partition and replace it by another encrypted file system:

umount /dev/sda4
dd_rescue /dev/urandom /dev/sda4
cryptsetup -v --key-size 256 luksFormat /dev/sda4
cryptsetup luksOpen /dev/sda4 home
/sbin/mkfs.ext3 -O dir_index,resize_inode /dev/mapper/home
mount /dev/mapper/home /home

Edit fstab and add an entry for /home, e.g.

/dev/mapper/home   /home  ext3      acl,user_xattr  1 2

Re-run mkinitrd to add the information for /home to the initrd.

mkinitrd

Now edit the bootloader menu to decrypt home at startup.

/boot/grub/menu.lst

###Encrypted root###
title openSUSE 10.3 - encrypted
   root (hd0,0)
   kernel /vmlinuz-VER-default root=/dev/mapper/root luks_root=/dev/sda3 luks_swap=/dev/sda2 luks_home=/dev/sda4 luks="root swap home" vga=0x317 resume=/dev/mapper/swap splash=silent showopts
   initrd /initrd-VER-default
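The fstab entries and the GRUB kernel line above are where a typo leaves the machine unbootable: fstab on the new root mounts /dev/mapper/NAME devices that only exist if the initrd opened them, and the initrd opens exactly the names in luks= using the devices from luks_NAME=. The following POSIX shell function is an added example, not code from the wiki page or from openSUSE's mkinitrd: it cross-checks an fstab file against the kernel parameters of a GRUB entry and reports every mapper name that lacks either parameter, as well as a root= or resume= value that is not a mapper device. It assumes the comma-separated luks=root,swap,home form that the openSUSE 11.1 summary at the end of this article uses (the older luks="root swap" spelling is not parsed); the sample fstab and kernel lines are constructed for the sda1..sda4 layout of this HOWTO.

```sh
#!/bin/sh
# check_boot_config FSTAB_FILE "KERNEL PARAMETERS"
# Every /dev/mapper/NAME that fstab mounts, and the NAME in root= and
# resume=, must be listed in luks=NAME,... and have a luks_NAME=<device>
# parameter, or the initrd never opens that mapping and the boot stops at a
# missing device.  Added example for this page, not code from the wiki or
# from openSUSE's mkinitrd; assumes the comma-separated luks= form.
in_luks_list() {        # in_luks_list NAME "LIST" -> exit 0 if NAME is in LIST
    for n in $2; do
        [ "$n" = "$1" ] && return 0
    done
    return 1
}

check_boot_config() {
    fstab=$1
    cmdline=$2
    bad=0

    # names the initrd is told to open
    luks_list=
    for p in $cmdline; do
        case $p in
            luks=*) luks_list=$(printf '%s' "${p#luks=}" | tr ',' ' ') ;;
        esac
    done
    [ -n "$luks_list" ] || { echo "kernel line has no luks= parameter"; bad=1; }

    # names the boot actually depends on: fstab mapper entries plus root= and resume=
    names=
    while read -r dev mnt rest; do
        case $dev in
            /dev/mapper/*) names="$names ${dev#/dev/mapper/}" ;;
        esac
    done < "$fstab"
    for p in $cmdline; do
        case $p in
            root=/dev/mapper/*)   names="$names ${p#root=/dev/mapper/}" ;;
            root=*)               echo "root=${p#root=} is not a /dev/mapper device"; bad=1 ;;
            resume=/dev/mapper/*) names="$names ${p#resume=/dev/mapper/}" ;;
        esac
    done
    names=$(printf '%s\n' $names | sort -u | tr '\n' ' ')

    for name in $names; do
        in_luks_list "$name" "$luks_list" \
            || { echo "$name: not in luks=$(printf '%s' "$luks_list" | tr ' ' ',')"; bad=1; }
        case " $cmdline " in
            *" luks_$name="*) ;;
            *) echo "$name: no luks_$name=<device> parameter"; bad=1 ;;
        esac
    done
    [ "$bad" -eq 0 ] && echo "fstab and kernel line agree on:$(printf ' %s' $names)"
    return $bad
}

# Constructed fstab and GRUB kernel parameters for the sda1..sda4 layout in the text.
SAMPLE_FSTAB='/dev/mapper/swap     swap     swap    defaults          0 0
/dev/mapper/root     /        ext3    acl,user_xattr    1 1
/dev/sda1            /boot    ext3    acl,user_xattr    1 2
/dev/mapper/home     /home    ext3    acl,user_xattr    1 2
proc                 /proc    proc    defaults          0 0'
GOOD_CMDLINE='root=/dev/mapper/root luks_root=/dev/sda3 luks_swap=/dev/sda2 luks_home=/dev/sda4 luks=root,swap,home resume=/dev/mapper/swap splash=silent showopts'
# the entry from before /home was encrypted, used with the fstab that already mounts /dev/mapper/home
BAD_CMDLINE='root=/dev/mapper/root luks_root=/dev/sda3 luks_swap=/dev/sda2 luks=root,swap resume=/dev/mapper/swap splash=silent showopts'

if [ $# -eq 0 ]; then
    tmp=/tmp/check_boot_config.$$
    printf '%s\n' "$SAMPLE_FSTAB" > "$tmp"
    check_boot_config "$tmp" "$GOOD_CMDLINE"
    check_boot_config "$tmp" "$BAD_CMDLINE" || echo "(rejected as expected)"
    rm -f "$tmp"
else
    check_boot_config "$1" "$2"     # e.g. check_boot_config.sh /mnt/root/etc/fstab "root=... luks=..."
fi
```

Run it against /mnt/root/etc/fstab (the copy that will be used on the encrypted root, not the one on the old root) with the kernel line pasted from menu.lst, and again after every change to either file.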

Add a user account

Reboot, add a user account and enjoy. Note: since a laptop is generally a single user machine, and since the decryption password was given at boot time, it is relatively safe to configure the system to directly start a session for that user once the system is booted. This saves entering an additional password.

Note: The user account should still have a password, but a convenience auto-login can be enabled. Auto-login does not weaken the disk encryption, but the master keys stay in RAM for as long as the machine is running or suspended to RAM, so lock the screen when stepping away and prefer suspend-to-disk (which writes into the encrypted swap) when the laptop leaves your sight.

Summary of commands for openSUSE 11.1 installed on an external USB drive

In the following a summary of the steps described above is given including some modifications ([30]) for openSUSE 11.1 installed on an external USB drive. NOTE: The modifications made in [30] for mkinitrd 2.4 are a port of the changes included in [18] for mkinitrd 1.2.

# ------------------------------------------------------------------------------
# Install OpenSUSE 11.1 from DVD
# ------------------------------------------------------------------------------
- Create Partition Setup
  + Custom Partitioning (for experts)
    - Delete all existent partitions
    - Create primary partition (sda1), ext3, 200 MB, mount point '/boot'
    - Create primary partition (sda2), swap, 4 GB, mount point 'swap'
    - Create primary partition (sda3), ext3, 20 GB, mount point '/home'
    - Create primary partition (sda4), ext3, <remaining>, mount point '/'
- add package 'emacs'
# ------------------------------------------------------------------------------
# backup boot files, i.e. initial ramdisk, etc.
# ------------------------------------------------------------------------------
mkdir /BACKUP
cp -ax /boot/* /BACKUP
mv /BACKUP /boot
# ------------------------------------------------------------------------------
# create an encrypted swap partition
# ------------------------------------------------------------------------------
swapoff /dev/sda2
dd_rescue /dev/urandom /dev/sda2
cryptsetup -v --key-size 256 luksFormat /dev/sda2
cryptsetup -v luksDump /dev/sda2
cryptsetup -v luksOpen /dev/sda2 swap
mkswap /dev/mapper/swap
swapon /dev/mapper/swap
# ------------------------------------------------------------------------------
# create an encrypted file system for the new root partition
# ------------------------------------------------------------------------------
umount /dev/sda3
dd_rescue /dev/urandom /dev/sda3
cryptsetup -v --key-size 256 luksFormat /dev/sda3
cryptsetup luksDump /dev/sda3
cryptsetup luksOpen /dev/sda3 root
/sbin/mkfs.ext3 -O dir_index,resize_inode /dev/mapper/root
mkdir /mnt/root
mount /dev/mapper/root /mnt/root
# ------------------------------------------------------------------------------
# copy files from old to new root partition
# ------------------------------------------------------------------------------
cd /
find bin boot dev etc home lib* opt root sbin srv tmp usr var -depth -print0 | cpio -pmd --null /mnt/root
mkdir /mnt/root/proc
mkdir /mnt/root/sys
mkdir /mnt/root/media
mkdir /mnt/root/mnt
# ------------------------------------------------------------------------------
# update /etc/fstab
# ------------------------------------------------------------------------------
cp /etc/fstab /etc/fstab.ORIG 
emacs /etc/fstab 
---
/dev/mapper/swap     swap                 swap       defaults              0 0
/dev/mapper/root     /                    ext3       acl,user_xattr        1 1
/dev/sda1            /boot                ext3       acl,user_xattr        1 2
/dev/sda4            /home                ext3       acl,user_xattr        1 2
proc                 /proc                proc       defaults              0 0
sysfs                /sys                 sysfs      noauto                0 0
debugfs              /sys/kernel/debug    debugfs    noauto                0 0
usbfs                /proc/bus/usb        usbfs      noauto                0 0
devpts               /dev/pts             devpts     mode=0620,gid=5       0 0
---
cp /etc/fstab /mnt/root/etc/
# ------------------------------------------------------------------------------
# update scripts for creating a new initial ram disk 
# ------------------------------------------------------------------------------
# back up original files
cp /lib/mkinitrd/scripts/boot-luks.sh     boot-luks.sh.ORIG
cp /lib/mkinitrd/scripts/setup-luks.sh    setup-luks.sh.ORIG
cp /lib/mkinitrd/scripts/setup-storage.sh setup-storage.sh.ORIG
cp /sbin/mkinitrd                         mkinitrd.ORIG
# update mkinitrd scripts (phase 1 --- w/o encrypted 'home' partition)
tar -xvzf mkinitrd-ut.tar.gz
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut_scripts_boot-luks.sh            /mnt/root/lib/mkinitrd/scripts/boot-luks.sh
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut_scripts_setup-luks.sh           /mnt/root/lib/mkinitrd/scripts/setup-luks.sh
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut_scripts_setup-storage-phase1.sh /mnt/root/lib/mkinitrd/scripts/setup-storage.sh
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut                                 /mnt/root/sbin/mkinitrd
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut_scripts_boot-luks.sh            /lib/mkinitrd/scripts/boot-luks.sh
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut_scripts_setup-luks.sh           /lib/mkinitrd/scripts/setup-luks.sh
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut_scripts_setup-storage-phase1.sh /lib/mkinitrd/scripts/setup-storage.sh
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut                                 /sbin/mkinitrd
# ------------------------------------------------------------------------------
# create a new initial ram disk
# ------------------------------------------------------------------------------
mkinitrd -v -d /dev/mapper/root -f "dm luks"
# ------------------------------------------------------------------------------
# edit '/boot/grub/menu.lst'
# ------------------------------------------------------------------------------
emacs /boot/grub/menu.lst
# add new entry to '/boot/grub/menu.lst':
###Encrypted root###
title openSUSE 11.1 - encrypted
   root (hd0,0)
   kernel /vmlinuz-2.6.27.7-9-pae root=/dev/mapper/root luks_root=/dev/sda3 luks_swap=/dev/sda2 luks=root,swap vga=0x317 resume=/dev/mapper/swap splash=silent showopts
   initrd /initrd-2.6.27.7-9-pae
# ------------------------------------------------------------------------------
# reboot
# ------------------------------------------------------------------------------
# check that everything is working ... 
# free --> swap space
# suspend-to-disk
# ...
# ------------------------------------------------------------------------------
# encrypt the 'home' partition (and delete the up to now original root partition)
# --> good luck, this is the point of no return ;-) 
# ------------------------------------------------------------------------------
umount /dev/sda4
dd_rescue /dev/urandom /dev/sda4
cryptsetup -v --key-size 256 luksFormat /dev/sda4
cryptsetup luksOpen /dev/sda4 home
/sbin/mkfs.ext3 -O dir_index,resize_inode /dev/mapper/home
mount /dev/mapper/home /home
# ------------------------------------------------------------------------------
# update /etc/fstab
# ------------------------------------------------------------------------------
emacs /etc/fstab 
---
/dev/mapper/swap     swap                 swap       defaults              0 0
/dev/mapper/root     /                    ext3       acl,user_xattr        1 1
/dev/sda1            /boot                ext3       acl,user_xattr        1 2
/dev/mapper/home     /home                ext3       acl,user_xattr        1 2
proc                 /proc                proc       defaults              0 0
sysfs                /sys                 sysfs      noauto                0 0
debugfs              /sys/kernel/debug    debugfs    noauto                0 0
usbfs                /proc/bus/usb        usbfs      noauto                0 0
devpts               /dev/pts             devpts     mode=0620,gid=5       0 0
---
# ------------------------------------------------------------------------------
# update scripts for creating a new initial ram disk (now for all partitions encrypted)
# ------------------------------------------------------------------------------
# update mkinitrd scripts (phase 2 --- with encrypted 'home' partition)
cp mkinitrd-ut/mkinitrd-2.4-34.1-ut_scripts_setup-storage-phase2.sh /lib/mkinitrd/scripts/setup-storage.sh
# ------------------------------------------------------------------------------
# create a new initial ram disk 
# ------------------------------------------------------------------------------
mkinitrd -v -d /dev/mapper/root -f "dm luks"
# ------------------------------------------------------------------------------
# edit '/boot/grub/menu.lst'
# ------------------------------------------------------------------------------
emacs /boot/grub/menu.lst
# replace entries in '/boot/grub/menu.lst' by:
###Encrypted root###
title openSUSE 11.1 - encrypted
   root (hd0,0)
   kernel /vmlinuz-2.6.27.7-9-pae root=/dev/mapper/root luks_root=/dev/sda3 luks_swap=/dev/sda2 luks_home=/dev/sda4 luks=root,swap,home vga=0x317 resume=/dev/mapper/swap splash=silent showopts
   initrd /initrd-2.6.27.7-9-pae
###Encrypted root failsafe###
title Failsafe -- openSUSE 11.1 - encrypted
   root (hd0,0)
   kernel /vmlinuz-2.6.27.7-9-pae root=/dev/mapper/root luks_root=/dev/sda3 luks_swap=/dev/sda2 luks_home=/dev/sda4 luks=root,swap,home ide=nodma apm=off noresume nosmp maxcpus=0 edd=off powersaved=off nohz=off highres=off processor.max_cstate=1 x11failsafe vga=0x317 showopts
   initrd /initrd-2.6.27.7-9-pae
# ------------------------------------------------------------------------------
# reboot and have fun ;-)
# ------------------------------------------------------------------------------
# Thanks also to Mathias Grimmberger for the bug-fix in 'boot-start.sh' and the 
# corresponding adjustments of the kernel parameters in '/boot/grub/menu.lst'!
# ('luks="root swap home"' --> 'luks=root,swap,home')
# ------------------------------------------------------------------------------

FAQ

Exactly what types of attacks is this procedure designed to protect against?

The procedure described herein can protect a laptop (or other computer) against the following attacks.

  • A laptop is the subject of a random theft followed by serendipitous profiteering. Generally, the thief has not targeted the laptop specifically, but simply stole a laptop thought to be of some value. Such a thief would typically sell the laptop to a fence who might have the expertise to search an unprotected laptop for valuable data as well as the contacts necessary to profit from any such data.
  • A second common attack is where the thief has specifically targeted the laptop because they suspect it contains valuable data. In this case the thief also knows how to find the data and what to do with it.

Should one use an external USB flash drive for booting?

Using an external USB drive prevents an attacker from tampering with the boot partition. For example, someone could gain physical access to the computer while it is turned off, install a new kernel containing a Trojan horse that captures the master key and stores it somewhere on disk, and then retrieve the key once the computer is stolen. Moving the kernel to a USB flash drive can prevent this type of attack, though it also shifts the problem from protecting the computer to protecting the flash drive. This attack pattern is far more sophisticated than the ones described above and is therefore of lower probability -- unless the user happens to fall into a high-risk category such as union organizers or other human rights workers, government whistle-blowers, and workers in industries where industrial espionage is common. If one is at high risk of being the victim of sophisticated attacks of this nature, then one should consider booting from a USB flash drive.

The drawback of using a USB flash drive for booting is the need to carry the USB flash drive separately from the laptop and the consequent risk of losing the drive. If you lose it while on a trip, you may not be able to boot your computer until you return home, where your backup drive is hopefully in good working order.
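Whether the kernel and initrd live on the laptop's boot partition or on a USB flash drive, the tampering described above is only detectable if you have something to compare against. The script below is an added example, not part of the original HOWTO or of the mkinitrd scripts it references: it records SHA-256 checksums of everything in a boot directory into a manifest (which would be kept on the removable medium, out of the attacker's reach), and later refuses a boot directory whose contents no longer match, including any file that was added. The directory layout and file names are assumptions for the demonstration; the `demo` function builds constructed stand-in files in a temporary directory so the script runs offline.

```shell
#!/bin/sh
# Added example (not from the original HOWTO): manifest-based integrity check of a
# boot directory, so an exchanged kernel or initrd is noticed before it is trusted.
# Paths and file names are assumptions chosen for the demonstration.

# make_manifest BOOTDIR MANIFEST
# Writes "sha256  filename" lines for every regular file directly under BOOTDIR.
make_manifest() {
    bootdir=$1
    manifest=$2
    : > "$manifest"
    for f in "$bootdir"/*; do
        [ -f "$f" ] || continue
        ( cd "$bootdir" && sha256sum "$(basename "$f")" ) >> "$manifest"
    done
}

# verify_boot BOOTDIR MANIFEST
# Returns 0 only if every listed file is present with the recorded hash AND no
# unlisted regular file has appeared in BOOTDIR (an added kernel is as suspicious
# as a modified one). Returns 1 otherwise, naming the problem on stderr.
verify_boot() {
    bootdir=$1
    manifest=$2
    # sha256sum -c resolves names relative to the cwd, so make the manifest path absolute.
    case $manifest in /*) ;; *) manifest=$PWD/$manifest ;; esac
    ( cd "$bootdir" && sha256sum -c --status "$manifest" ) || {
        echo "integrity check failed: a listed file in $bootdir is missing or changed" >&2
        return 1
    }
    for f in "$bootdir"/*; do
        [ -f "$f" ] || continue
        grep -q "  $(basename "$f")\$" "$manifest" || {
            echo "integrity check failed: unlisted file $f" >&2
            return 1
        }
    done
    return 0
}

# demo: exercises both outcomes on constructed files. Returns 0 when the check
# accepts the untouched directory and rejects the tampered one, 1 otherwise.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/boot"
    # Constructed stand-ins for the kernel and initrd (real images would be copied here).
    printf 'constructed kernel image\n' > "$tmp/boot/vmlinuz-2.6.27.7-9-pae"
    printf 'constructed initrd image\n' > "$tmp/boot/initrd-2.6.27.7-9-pae"
    make_manifest "$tmp/boot" "$tmp/boot.sha256"
    # 1) untouched directory must pass
    verify_boot "$tmp/boot" "$tmp/boot.sha256" || { rm -rf "$tmp"; return 1; }
    # 2) simulate an exchanged kernel: must be rejected
    printf 'modified kernel image\n' > "$tmp/boot/vmlinuz-2.6.27.7-9-pae"
    if verify_boot "$tmp/boot" "$tmp/boot.sha256" 2>/dev/null; then rm -rf "$tmp"; return 1; fi
    # 3) restore the kernel but drop in an extra file: must also be rejected
    printf 'constructed kernel image\n' > "$tmp/boot/vmlinuz-2.6.27.7-9-pae"
    printf 'constructed extra file\n' > "$tmp/boot/vmlinuz-extra"
    if verify_boot "$tmp/boot" "$tmp/boot.sha256" 2>/dev/null; then rm -rf "$tmp"; return 1; fi
    rm -rf "$tmp"
    return 0
}

# Usage on a real system (assumed paths):
#   make_manifest /boot /media/usbstick/boot.sha256   # once, right after installation
#   verify_boot   /boot /media/usbstick/boot.sha256   # before each boot you want to trust
```

The manifest only helps if it is stored where the attacker who can reach the laptop cannot reach it, which is the same argument the FAQ makes for the flash drive itself; a manifest left in /boot can simply be regenerated by whoever replaced the kernel.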

What are the known vulnerabilities for the procedure suggested here?

Fruhwirth [4] [26] discusses a range of cryptographic vulnerabilities associated with hard disk encryption. In particular, he notes that one of the most serious problems, namely the watermark vulnerability [24], has been solved for dm-crypt with the introduction of the ESSIV cipher mode.
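Because the watermark problem is fixed by the choice of IV generator rather than by the cipher itself, it is worth checking which mode an existing LUKS volume actually uses. The following is an added example, not from the original HOWTO: it reads the `Cipher mode:` line out of a `cryptsetup luksDump` transcript and rates it, treating CBC with the `plain`/`plain64` (sector-number) IV as watermark-vulnerable and CBC with ESSIV as fixed; anything else is reported as unrated rather than guessed at. The dump text used by `demo` is constructed to look like cryptsetup's LUKS1 output, not captured from a real device.

```shell
#!/bin/sh
# Added example (not from the original HOWTO): rate the IV generator of a LUKS volume
# as shown by 'cryptsetup luksDump'. The sample dump below is constructed, not real.

# cipher_mode_of: print the value of the "Cipher mode:" line read from stdin.
cipher_mode_of() {
    sed -n 's/^Cipher mode:[[:space:]]*//p'
}

# check_cipher_mode MODE
#   returns 0 for CBC with ESSIV      (watermark vulnerability addressed)
#   returns 1 for cbc-plain/plain64   (predictable IV: watermark attack applies)
#   returns 2 for any other mode      (not rated by this check; review manually)
check_cipher_mode() {
    case $1 in
        cbc-essiv:*)
            echo "ok: $1 uses ESSIV"; return 0 ;;
        cbc-plain|cbc-plain64)
            echo "WEAK: $1 uses a predictable IV (watermark vulnerability)"; return 1 ;;
        *)
            echo "unrated: $1"; return 2 ;;
    esac
}

# audit_dump: read a luksDump transcript on stdin and rate its cipher mode.
# Usage on a real system: cryptsetup luksDump /dev/sda3 | audit_dump
audit_dump() {
    mode=$(cipher_mode_of)
    [ -n "$mode" ] || { echo "no 'Cipher mode:' line found" >&2; return 2; }
    check_cipher_mode "$mode"
}

# Constructed sample in the shape of LUKS1 'cryptsetup luksDump' output.
sample_dump() {
    printf '%s\n' \
        'LUKS header information for /dev/sda3' \
        '' \
        'Version:       	1' \
        'Cipher name:   	aes' \
        "Cipher mode:   	$1" \
        'Hash spec:     	sha1' \
        'MK bits:       	256'
}

# demo: returns 0 when the ESSIV sample is accepted and the plain-IV sample rejected.
demo() {
    sample_dump cbc-essiv:sha256 | audit_dump >/dev/null || return 1
    if sample_dump cbc-plain | audit_dump >/dev/null; then return 1; fi
    return 0
}
```

The check deliberately says nothing about modes it does not know; a volume created by a newer cryptsetup may report a mode the HOWTO never discusses, and a silent "ok" there would be worse than an honest "unrated".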

Osvik et al. [25] discuss a successful side-channel attack on dm-crypt while it is running. In this attack, the computer is running and a specially designed script is able to steal the master key for any mounted partition. Although this is a serious weakness, the procedures discussed here are designed to defend against the attacks described in #FAQ.1 and #FAQ.2, i.e., when the system is turned off. Securing a running system requires firewalls, access control and software integrity checks -- topics beyond the scope of this HOWTO.

References

  1. "dm-crypt: a device-mapper crypto target", http://www.saout.de/misc/dm-crypt/
  2. J. Ruusu, "loop-AES", http://sourceforge.net/projects/loop-aes/
  3. "True Crypt", http://www.truecrypt.org/
  4. C. Fruhwirth, "Linux hard disk encryption settings", http://clemens.endorphin.org/LinuxHDEncSettings
  5. J. Arnt, et al., "SUSE Linux Start-Up", http://en.opensuse.org/Distribution/SL-10.1/inst-source/docu/en/startup_en.pdf
  6. "EncFS Encrypted Filesystem", http://encfs.sourceforge.net/
  7. C. Devine, "Encrypted Root Filesystem HOWTO", http://tldp.org/HOWTO/Encrypted-Root-Filesystem-HOWTO/
  8. "SECURITY System Encryption DM-Crypt with LUKS", http://gentoo-wiki.com/SECURITY_System_Encryption_DM-Crypt_with_LUKS
  9. M. Petullo, "Encrypt Your Root Filesystem", http://www.linuxjournal.com/article/7743
  10. "LUKS - Linux Unified Key Setup", http://luks.endorphin.org/
  11. M. Dworkin, "Recommendation for Block Cipher Modes of Operation", http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
  12. "CNSS Policy No. 15, Fact Sheet No. 1", http://www.cnss.gov/Assets/pdf/cnssp_15_fs.pdf
  13. "Fact Sheet NSA Suite B Cryptography", http://www.nsa.gov/ia/industry/crypto_suite_b.cfm
  14. W. Almesberger and H. Lermen, "Using the initial RAM disk (initrd)", file:///usr/src/linux/Documentation/initrd.txt
  15. "SECURITY System Encryption DM-Crypt with LUKS/initrd", http://gentoo-wiki.com/SECURITY_System_Encryption_DM-Crypt_with_LUKS/initrd
  16. "mkinitrd", http://www.novell.com/products/linuxpackages/suselinux/mkinitrd.html
  17. "SUSE mkinitrd for Encrypted Root File Systems", http://www.ccrl-nece.de/~greg/linux/mkinitrd-lerfs.tar.gz
  18. "Performance of Encryption Algorithms", http://www.saout.de/tikiwiki/tiki-index.php?page=UserPageChonhulio
  19. "dmcrypt versus loopaes", http://deb.riseup.net/storage/encryption/benchmarks/dmcrypt-v-loopaes
  20. M.-J. O. Saarinen, "Encrypted Watermarks and Linux Laptop Security", http://docs.indymedia.org/pub/Local/UkCrypto/wisa2004.pdf
  21. "Encryption Ideas for IMC UK", http://docs.indymedia.org/view/Local/UkCrypto
  22. "Encrypt filesystems with EncFS and Loop-AES", http://security.linux.com/print.pl?sid=06/03/13/1656228
  23. J. Ruusu, "Re: Oopsing cryptoapi (or loop device?) on 2.6.*", http://marc.theaimsgroup.com/?l=linux-kernel&m=107719798631935&w=2
  24. D.A. Osvik, A. Shamir and E. Tromer, "Cache Attacks and Countermeasures: the Case of AES", http://www.wisdom.weizmann.ac.il/~tromer/papers/cache.pdf
  25. C. Fruhwirth, "New Methods in Hard Disk Encryption", http://clemens.endorphin.org/nmihde/nmihde-A4-os.pdf
  26. J. Gustedt, "Early LUKS", http://www.loria.fr/~gustedt/early/
  27. C. Fruhwirth and M. Schuster, "Hard disk encryption with DM-Crypt, LUKS, and cryptsetup", http://www.linux-magazine.com/issue/61/Hard_Disk_Encryption_DM-Crypt_LUKS_cryptsetup.pdf
  28. Packman, "cryptsetup-luks RPM packages for older openSUSE distributions", http://packman.links2linux.de/package/841
  29. "openSUSE 11.1 mkinitrd and scripts for Encrypted Root File Systems", http://www.mtsports.de/linux/mkinitrd-ut.tar.gz