On 21/07/18 18:19, Michael Dorrington wrote:
> On 12/07/18 08:46, Michael Dorrington wrote:
>
>> * Event: Manchester Free Software's July Meeting
>>
>> * Talk: CryptoPractical
>> * Speaker: Michael Dorrington
>
> Exercises (and feel free to ask for help on the MFS mailinglist):
>
> 1. Set up an encrypted USB stick using LUKS.
>
> Some things to keep in mind:
>
> a) Triple check you are messing with the right block ("disk") device.
> Commands like `lsblk` and `lsblk --scsi` help here.
>
> b) Fill the disk/block device with random data first, something like:
>
> dd bs=1M if=/dev/urandom of=/dev/sdKNOWWHATYOUAREDOINGThe Debian Reference manual has details how to do this in "Chapter 9. System tips" under "9.8.1. Removable disk encryption with dm-crypt/LUKS". In this they use `badblocks` with random test pattern instead of the above `dd` with urandom. The badblocks command has the advantage that it checks that the data written to the disk is the same as that read back, particularly worth doing with USB sticks. However, I'm not sure the randomness is sufficiently random. Advanced question, how random is the "random" test pattern in badblocks, particularly compared to urandom? They also use the new cryptsetup syntax of "open --type luks" rather than "luksOpen". See: https://www.debian.org/doc/manuals/debian-reference/ch09.en.html#_removable_disk_encryption_with_dm_crypt_luks The Debian Reference manual is worth checking out. It has been packaged too, see: https://packages.debian.org/debian-reference-en M. -- FSF member #9429 http://www.fsf.org/register_form?referrer=9429 http://www.fsf.org/about "The Free Software Foundation (FSF) is a nonprofit with a worldwide mission to promote computer user freedom and to defend the rights of all free software users."
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Fsfe-uk mailing list [email protected] https://lists.gnu.org/mailman/listinfo/fsfe-uk
