Re: [gentoo-amd64] Re: Using encrypted swap via cryptsetup-luks on amd64
On Sunday 22 October 2006 00:21, Francesco Talamona wrote: On Sunday 22 October 2006 07:16, Jason Booth wrote: I can't find which gentoo package contains uuencode(installed uucp,uulib,uudeview and googled to no avail). [08:19] [EMAIL PROTECTED]:~]$ equery belongs /usr/bin/uuencode [ Searching for file(s) /usr/bin/uuencode in *... ] app-arch/sharutils-4.2.1-r11 (/usr/bin/uuencode) only works if already installed ;) lazybird ~ # equery belongs /usr/bin/uuencode [ Searching for file(s) /usr/bin/uuencode in *... ] lazybird ~ # Ciao Francesco -- Linux Version 2.6.18-gentoo-r1, Compiled #1 PREEMPT Wed Oct 18 22:52:55 CEST 2006 One 2.2GHz AMD Athlon 64 Processor, 2GB RAM, 4408.88 Bogomips Total aemaeth -- gpg public key: http://lazybird.hyperintelligent.net/~jbooth/jbooth_key.asc -- gentoo-amd64@gentoo.org mailing list
Re: [gentoo-amd64] Re: Using encrypted swap via cryptsetup-luks on amd64
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jason Booth wrote: On Sunday 22 October 2006 00:21, Francesco Talamona wrote: On Sunday 22 October 2006 07:16, Jason Booth wrote: I can't find which gentoo package contains uuencode(installed uucp,uulib,uudeview and googled to no avail). [08:19] [EMAIL PROTECTED]:~]$ equery belongs /usr/bin/uuencode [ Searching for file(s) /usr/bin/uuencode in *... ] app-arch/sharutils-4.2.1-r11 (/usr/bin/uuencode) only works if already installed ;) lazybird ~ # equery belongs /usr/bin/uuencode [ Searching for file(s) /usr/bin/uuencode in *... ] lazybird ~ # Portage file search is your friend: http://www.rommel.stw.uni-erlangen.de/~fejf/cgi-bin/pfs-web.pl If you have a diverse set of packages try running the client to improve the index (not that it needs all that much improvement). -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFO10GG4/rWKZmVWkRAnkBAJ49aKR6u3/g/XNiET3xE8Ybs5antQCgwDtF zZjC4uxSRE0tJ+CT7v6frPk= =WTTQ -END PGP SIGNATURE- smime.p7s Description: S/MIME Cryptographic Signature
Re: [gentoo-amd64] Re: Using encrypted swap via cryptsetup-luks on amd64
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Duncan wrote: Well, there's could, and there's groking what it's actually doing, in case there's a problem and to ensure it's actually encrypting it. (I /seriously/ hope that mention of uuencode doesn't mean they're using /it/ to encrypt, for instance. A quick look say they aren't, but that doesn't tell me what's actually going on yet, either.) Ok, in a nutshell: 1. Generate MD5 hash of first 40k of previous swap volume (essentially a source of entropy). In my opinion it isn't needed but probably couldn't hurt. 2. Wipe that 40k 20 times - just so nobody can figure out what that hash might have been later. 3. Generate a random encryption key (WHOA - why on earth is that script using urandom for this - it only pulls 18 bytes - I just changed it to /dev/random in mine (more secure in the event the entropy pool gets low - - although normally they are the same)). For those not in the know, /dev/random blocks if it runs out of entropy, but /dev/urandom just gives out a less random value. If you need 50MB of random data you have to use urandom if you don't want to freeze the system for 12 hours, but for 18 bytes we can afford to wait for quality data. 4. /dev/(u)random dumps binary data - losetup wants something more sane as a key, so uuencode is used to convert to text. No source of compromise here - the original data was random so the uuencoded data is still random (it is now constrained in potential output values, but is longer which compensates). 5. Set up the loop device using the output of steps 1 and 4 concatenated as an encryption key (losetup will generate a SHA-512 key from the text key and use that for actual encryption). 6. Wipe out the variables containing the two key components (probably doesn't accomplish much). The keys will be in RAM somewhere for as long as the swap is mounted and only root can hunt for the keys either way. 7. Zero the start of the encrypted loop device - mainly just to make mkswap happy in case the device ends up looking like some other type of partition. 8. Create and use the swap device. If I'm going to be running encrypted swap, I'm going to need to know all about what I'm using to encrypt it (losetup here, it seems), and how that plays with my four-way striped swap (a four gig partition on each of my four SATA drives, all set pri=1 so the kernel stripes it for performance), among other things. If I can't rest assured it's working well, why bother? I'd just make SWAPDEVICE and LOOPDEV command-line parameters and then call the script 4 times. swap again, wipe the partitions, and simply leave swap off. Only if they ever get suspend to disk working semi-reliably... Not sure encrypted swap will play well with suspend to disk. Somehow when the system wakes up it needs to find out what the encryption key actually was, otherwise the loop device can't be reactivated. Now, it is possible that the kernel will just write the key to disk somewhere, but this defeats much of the security of an encrypted swap device (where after a reboot the swap space is impossible to read without a brute force attack on AES-CBC). If the key isn't written to disk the kernel will boot and look around and not see any valid swap partitions on the disk at all. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFO2EGG4/rWKZmVWkRAsRsAKCoF3LGq2Qw+jvQI6W+1i5A0i2hXwCgifEl oWpJqZG0t7txICyhZhQhu/Q= =AdpP -END PGP SIGNATURE- smime.p7s Description: S/MIME Cryptographic Signature
Re: [gentoo-amd64] Re: Using encrypted swap via cryptsetup-luks on amd64
On Sunday 22 October 2006 05:59, Richard Freeman wrote: Portage file search is your friend: http://www.rommel.stw.uni-erlangen.de/~fejf/cgi-bin/pfs-web.pl If you have a diverse set of packages try running the client to improve the index (not that it needs all that much improvement). Thanks. Yeah I thought I had forgotten a command to do it, but appearently not.. -Jason -- gpg public key: http://lazybird.hyperintelligent.net/~jbooth/jbooth_key.asc -- gentoo-amd64@gentoo.org mailing list
Re: [gentoo-amd64] Re: Using encrypted swap via cryptsetup-luks on amd64
On Sunday 22 October 2006 06:16, Richard Freeman wrote: I'd just make SWAPDEVICE and LOOPDEV command-line parameters and then call the script 4 times. or drop a for loop into it... I don't know much about raid, but if it's treated in /dev as a single device, you may just be able to replace it and go. May be overly paranoid, but writing encrypted data multiple times could help someone to guess what certain file is and make an attack on the encryption easier. I use ext2 for my encrypted loops so there's no journal as well. Although the power fails sometimes, and can be a pain to fsck, i haven't lost anything yet. swap again, wipe the partitions, and simply leave swap off. Only if they ever get suspend to disk working semi-reliably... Not sure encrypted swap will play well with suspend to disk. Somehow when the system wakes up it needs to find out what the encryption key actually was, otherwise the loop device can't be reactivated. Last time i tried S2D, albeit a couple of years now, the loops all had to be re-mounted after wake(and of course fsck'd) Now, it is possible that the kernel will just write the key to disk somewhere, but this defeats much of the security of an encrypted swap device (where after a reboot the swap space is impossible to read without a brute force attack on AES-CBC). I think key retention support in kernel may accomplish this If the key isn't written to disk the kernel will boot and look around and not see any valid swap partitions on the disk at all. Also, it seems AES-CBC is the standard for swap.. at least per the loop-aes package that contained this script. Does anyone of a good benchmark list? I found this but didn't see aes on it http://www.eskimo.com/~weidai/benchmarks.html -Jason -- gpg public key: http://lazybird.hyperintelligent.net/~jbooth/jbooth_key.asc -- gentoo-amd64@gentoo.org mailing list
Re: [gentoo-amd64] Re: Using encrypted swap via cryptsetup-luks on amd64
On Sunday 22 October 2006 06:16, Richard Freeman wrote: 3. Generate a random encryption key (WHOA - why on earth is that script using urandom for this - it only pulls 18 bytes - I just changed it to /dev/random in mine (more secure in the event the entropy pool gets low - although normally they are the same)). For those not in the know, /dev/random blocks if it runs out of entropy, but /dev/urandom just gives out a less random value. If you need 50MB of random data you have to use urandom if you don't want to freeze the system for 12 hours, but for 18 bytes we can afford to wait for quality data. Nice catch. At this point in booting we should have plenty of entropy in the random pool. Would be wise to start service random a few steps back to make sure it's really random and not boot-sequence-pridictable-random, although the script is plenty paranoid. 4. /dev/(u)random dumps binary data - losetup wants something more sane as a key, so uuencode is used to convert to text. No source of compromise here - the original data was random so the uuencoded data is still random (it is now constrained in potential output values, but is longer which compensates). I actually ran this script many times without uuencode, just passing the random string to losetup without any complaints. glad i have uuencode now though ;) -Jason -- gpg public key: http://lazybird.hyperintelligent.net/~jbooth/jbooth_key.asc -- gentoo-amd64@gentoo.org mailing list
Re: [gentoo-amd64] Re: Using encrypted swap via cryptsetup-luks on amd64
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Duncan wrote: I'm not running encrypted swap tho I've always thought it'd be nice to setup /someday/, so I can't help directly. I just run the following script from local.start. I forget where I found it online. Obviously change the swapdevice variable! Honestly, my guess is that it is overly paranoid. You could probably eliminate most of the steps this script takes, but it runs in only a second or two so it isn't a big deal. I would leave in the bit that zeros the start of the encrypted swap partition - it probably helps to keep mkswap from getting confused. Not sure what the fancy scripts that are being discussed do, but this is plenty good for me, and I'm sure Duncan could get this running in about 15 seconds... #!/bin/sh # Run this script somewhere in your startup scripts _after_ random # number generator has been initialized and /usr has been mounted. # (md5sum, uuencode, tail and head programs usually reside in /usr/bin/) # encrypted swap partition SWAPDEVICE=/dev/hda3 # loop device name LOOPDEV=/dev/loop6 MD=`dd if=${SWAPDEVICE} bs=4k count=10 2/dev/null | md5sum` for X in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 ; do dd if=/dev/zero of=${SWAPDEVICE} bs=4k count=10 conv=notrunc 2/dev/null sync done UR=`dd if=/dev/urandom bs=18 count=1 2/dev/null \ | uuencode -m - | head -n 2 | tail -n 1` echo ${MD}${UR} | losetup -p 0 -e aes-cbc-256 ${LOOPDEV} ${SWAPDEVICE} MD= UR= dd if=/dev/zero of=${LOOPDEV} bs=4k count=10 conv=notrunc 2/dev/null sync mkswap ${LOOPDEV} sync swapon ${LOOPDEV} -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFOuTeG4/rWKZmVWkRAvh/AJ9m/TppQ4w+kFEtjRgqRqBXrW0HSgCffycx v1aYQi+49/PX9GBTi8Z5kxk= =X4Km -END PGP SIGNATURE- smime.p7s Description: S/MIME Cryptographic Signature
Re: [gentoo-amd64] Re: Using encrypted swap via cryptsetup-luks on amd64
On Saturday 21 October 2006 21:26, Richard Freeman wrote: Duncan wrote: I'm not running encrypted swap tho I've always thought it'd be nice to setup /someday/, so I can't help directly. I just run the following script from local.start. I forget where I found it online. Obviously change the swapdevice variable! Honestly, my guess is that it is overly paranoid. You could probably eliminate most of the steps this script takes, but it runs in only a second or two so it isn't a big deal. I would leave in the bit that zeros the start of the encrypted swap partition - it probably helps to keep mkswap from getting confused. Not sure what the fancy scripts that are being discussed do, but this is plenty good for me, and I'm sure Duncan could get this running in about 15 seconds... Yeah this script has worked fine for me for like 5 years except for one thing: I can't find which gentoo package contains uuencode(installed uucp,uulib,uudeview and googled to no avail). #!/bin/sh # Run this script somewhere in your startup scripts _after_ random # number generator has been initialized and /usr has been mounted. # (md5sum, uuencode, tail and head programs usually reside in /usr/bin/) # encrypted swap partition SWAPDEVICE=/dev/hda3 # loop device name LOOPDEV=/dev/loop6 MD=`dd if=${SWAPDEVICE} bs=4k count=10 2/dev/null | md5sum` for X in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 ; do dd if=/dev/zero of=${SWAPDEVICE} bs=4k count=10 conv=notrunc 2/dev/null sync done UR=`dd if=/dev/urandom bs=18 count=1 2/dev/null \ | uuencode -m - | head -n 2 | tail -n 1` echo ${MD}${UR} | losetup -p 0 -e aes-cbc-256 ${LOOPDEV} ${SWAPDEVICE} MD= UR= dd if=/dev/zero of=${LOOPDEV} bs=4k count=10 conv=notrunc 2/dev/null sync mkswap ${LOOPDEV} sync swapon ${LOOPDEV} Thanks, Jason -- gpg public key: http://lazybird.hyperintelligent.net/~jbooth/jbooth_key.asc -- gentoo-amd64@gentoo.org mailing list
Re: [gentoo-amd64] Re: Using encrypted swap via cryptsetup-luks on amd64
On Saturday 21 October 2006 23:16, Jason Booth wrote: On Saturday 21 October 2006 21:26, Richard Freeman wrote: Duncan wrote: I'm not running encrypted swap tho I've always thought it'd be nice to setup /someday/, so I can't help directly. I just run the following script from local.start. I forget where I found it online. Obviously change the swapdevice variable! Honestly, my guess is that it is overly paranoid. You could probably eliminate most of the steps this script takes, but it runs in only a second or two so it isn't a big deal. I would leave in the bit that zeros the start of the encrypted swap partition - it probably helps to keep mkswap from getting confused. Not sure what the fancy scripts that are being discussed do, but this is plenty good for me, and I'm sure Duncan could get this running in about 15 seconds... Yeah this script has worked fine for me for like 5 years except for one thing: I can't find which gentoo package contains uuencode(installed uucp,uulib,uudeview and googled to no avail). Nevermind I just found it: sharutils #!/bin/sh # Run this script somewhere in your startup scripts _after_ random # number generator has been initialized and /usr has been mounted. # (md5sum, uuencode, tail and head programs usually reside in /usr/bin/) # encrypted swap partition SWAPDEVICE=/dev/hda3 # loop device name LOOPDEV=/dev/loop6 MD=`dd if=${SWAPDEVICE} bs=4k count=10 2/dev/null | md5sum` for X in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 ; do dd if=/dev/zero of=${SWAPDEVICE} bs=4k count=10 conv=notrunc 2/dev/null sync done UR=`dd if=/dev/urandom bs=18 count=1 2/dev/null \ | uuencode -m - | head -n 2 | tail -n 1` echo ${MD}${UR} | losetup -p 0 -e aes-cbc-256 ${LOOPDEV} ${SWAPDEVICE} MD= UR= dd if=/dev/zero of=${LOOPDEV} bs=4k count=10 conv=notrunc 2/dev/null sync mkswap ${LOOPDEV} sync swapon ${LOOPDEV} Thanks, Jason -- gpg public key: http://lazybird.hyperintelligent.net/~jbooth/jbooth_key.asc -- gpg public key: http://lazybird.hyperintelligent.net/~jbooth/jbooth_key.asc -- gentoo-amd64@gentoo.org mailing list