Using USB key as real home and possible encryption?
Giles Orr
gilesorr-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Sun Apr 27 14:58:41 UTC 2014
On 27 April 2014 07:51, James Knott <james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org> wrote:
> Walter Dnes wrote:
> > So now the worry is not losing the USB key. Is there some form of
> > transparent on-the-fly encryption available that would allow me to read
> > *AND WRTE TO* the USB key? This is in case I lose the USB key. I'd be
> > looking at encrypting the entire "/dev/sdb1" USB key partition.
>
> When you format a partition, there's always an option to encrypt it, but
> I haven't tried that.
>
The default encryption for Linux is LUKS. I used that not only for /home/
on my desktop, but also for my removable backup drives. Ubuntu 12.04 with
LXDE recognizes the encrypted partitions when they're connected by USB and
asks for a password to automount them, so this should work fine for what
you're looking at. I'm no longer using automount - mostly because I
switched to Openbox, but partly because I'm told automount is totally
pooched in the newer Ubuntu and Debian installs - I've confirmed with a
recent Jessie install. I use pmount and have been fairly happy with it. A
couple friends are trying out udevil.
Here are the steps I use to encrypt a partition for use (partition can be
unformatted, it will be wiped):
# cryptsetup --verify-passphrase --key-size 256 luksFormat /dev/sdb1
# cryptsetup luksOpen /dev/sdb1 VolumeLabel
# mke2fs -j -L VolumeLabel -m 2 -t ext4 /dev/mapper/VolumeLabel
Not an explanation, but should give you pointers for where to look. As
with any destructive disk operation, you're pointing a loaded gun: be
careful.
If anyone who knows this process better than me ("I am not an expert,"
etc.) wants to point out errors in my method, please do: I'd like improve
it if possible.
--
Giles
http://www.gilesorr.com/
gilesorr-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/legacy/attachments/20140427/22605e6b/attachment.html>
More information about the Legacy
mailing list