Download presentation
Presentation is loading. Please wait.
1
On The Fly Encryption OTFE
CINLUG May 7, 2007 Tom Lapp
2
OTFE: How it works Files or entire disk (bits) are encrypted
Files in the file system are unencrypted 'Translation layer' is used to do the encryption 'on the fly' Not like a gpg encrypted file
3
OTFE: Whats it good for? Corporate Image Auditors Theft Backup?
Security? Hassle?
4
OTFE: Options dmcrypt & LUKS & cryptsetup www.saout.de/tikiwiki/
eCrypt FS ecryptfs.sf.net TrueCrypt OTFE for Windows
5
OTFE: dmcrypt uses the device mapper (like lvm) uses block devices
block device is encrypted device mapper is the translation layer requires cryptosetup package
6
OTFE: dmcrypt modprobe dm_[mod|crypt] Encrypt the block device
cryptsetup --verify-passphrase luksFormat /dev/blockdevice Decrypt the block device via device mapper cryptsetup luksOpen /dev/blockdevice name format unencrypted dm device mkfs.xfs /dev/mapper/name
7
OTFE: dmcrypt mount device mount /dev/mapper/name /mount/point
Normal use cryptsetup luksOpen /dev/blockdevice name
8
OTFE: dmcrypt dmcrypt in action
9
OTFE: eCryptfs uses existing directories in a mounted file system
similar (in theory) to mount -o remount mount –bind requires keyutils package requires ecryptfs-utils package
10
OTFE: eCryptfs modprobe ecryptfs mkdir -p /path/to/encrypted
mount -t ecryptfs /path/to/encrypted /path/to/decrypted or mount -t ecryptfs /path/to/encrypted /path/to/encrypted
11
OTFE: eCryptfs eCryptfs in action
12
OTFE: Pitfalls Forget/lose the PW or Key Bricks
Attended, Unattended reboots convenience security
13
OTFE: Best Uses USB Key/HDD between home and office Laptop
Similar presentations
© 2025 SlidePlayer.com Inc.
All rights reserved.