Difference between revisions of "Dm-crypt"

From ArchWiki
Jump to: navigation, search
(Specialties)
(change category to Disk encryption)
 
(80 intermediate revisions by 23 users not shown)
Line 1: Line 1:
 
{{Lowercase title}}
 
{{Lowercase title}}
[[Category:Security]]
+
[[Category:Disk encryption]]
[[Category:File systems]]
+
[[de:dm-crypt]]
[[de:ArchLinux mit verschlüsseltem LVM und Systemd]]
+
[[es:Dm-crypt]]
 
[[fr:LUKS]]
 
[[fr:LUKS]]
[[ru:System Encryption with LUKS]]
+
[[it:Dm-crypt with LUKS]]
[[zh-CN:System Encryption with LUKS]]
+
[[ja:Dm-crypt]]
{{Stub|1=This article is currently under heavy restructuring: for its latest stable revision see [[Dm-crypt with LUKS]]}}
+
[[ru:Dm-crypt]]
{{Merge|Plain dm-crypt without LUKS|Merge in [[dm-crypt with LUKS/Encrypting an entire system]], but then this page will have to be moved to [[dm-crypt]] (and all the subpages will have to follow); the introduction will have to be rewritten too.|Talk:Plain dm-crypt without LUKS#Merge}}
+
[[zh-hans:Dm-crypt]]
 +
[[zh-hant:Dm-crypt]]
 +
[[pl:Dm-crypt]]
 +
 
 
{{Related articles start}}
 
{{Related articles start}}
{{Related|Disk Encryption}}
+
{{Related|Disk encryption}}
 
{{Related|Removing System Encryption}}
 
{{Related|Removing System Encryption}}
{{Related|Plain dm-crypt without LUKS}}
 
 
{{Related articles end}}
 
{{Related articles end}}
  
This article focuses on how to set up full system encryption on Arch Linux, using dm-crypt with LUKS.
+
From the cryptsetup project's [https://gitlab.com/cryptsetup/cryptsetup/wikis/DMCrypt wiki]:
  
'''dm-crypt''' is the standard device-mapper encryption functionality provided by the Linux kernel. It can be used directly by those who like to have full control over all aspects of partition and key management.
+
:Device-mapper is infrastructure in the Linux 2.6 and 3.x kernel that provides a generic way to create virtual layers of block devices. Device-mapper crypt target provides transparent encryption of block devices using the kernel crypto API. The user can basically specify one of the symmetric ciphers, an encryption mode, a key (of any allowed size), an iv generation mode and then the user can create a new block device in /dev. Writes to this device will be encrypted and reads decrypted. You can mount your filesystem on it as usual or stack dm-crypt device with another device like RAID or LVM volume. Basic documentation of dm-crypt mapping table comes with kernel source and the latest version is available in git repository.
  
'''LUKS''' is an additional convenience layer which stores all of the needed setup information for dm-crypt on the disk itself and abstracts partition and key management in an attempt to improve ease of use.
+
== Common scenarios ==
  
For more details on how dm-crypt+LUKS compares to other disk encryption solution, see [[Disk Encryption#Comparison table]].
+
This part introduces common scenarios to employ ''dm-crypt'' to encrypt a system or individual filesystem mount points. It is meant as starting point to familiarize with different practical encryption procedures. The scenarios cross-link to the other subpages where needed.  
  
== Overview ==
+
See [[dm-crypt/Encrypting a non-root file system]] if you need to encrypt a device that is not used for booting a system, like a [[dm-crypt/Encrypting a non-root file system#Partition|partition]] or a [[dm-crypt/Encrypting a non-root file system#Loop device|loop device]].
{{Warning|Encrypting a disk or partition will erase everything currently on that disk or partition, make appropriate data backups prior to starting.
 
Also be aware that encrypting a system might not only make the life of laptop thieves more miserable, but also yours if you don't plan ahead on:
 
* how to make secure backups of the encrypted system/-setup/data and
 
* how to access the encrypted system manually for maintenance.
 
Keeping those points in mind while deciding on how to use encryption may help to decide on method and tools as well.}}
 
  
The installation of a LUKS-encrypted system is largely the same as installing an unencrypted system. Routine creation of an encrypted system follows these general steps:
+
See [[dm-crypt/Encrypting an entire system]] if you want to encrypt an entire system, in particular a root partition. Several scenarios are covered, including the use of ''dm-crypt'' with the ''LUKS'' extension, ''plain'' mode encryption and encryption and ''LVM''.
  
* [[#Drive preparation|Preparation]] of the drive(s) where the system will be installed
+
== Drive preparation ==
* Creation of the needed [[#Device encryption|encryption layers]]
 
* [[#System configuration|Configuration]] of the system to handle the encryption
 
* Installation of the system following the [[Installation Guide]] or the [[Beginners' Guide]]
 
  
Note that the Arch installation media comes with all the tools required for system encryption.
+
[[dm-crypt/Drive preparation]] deals with operations like [[dm-crypt/Drive preparation#Secure erasure of the hard disk drive|securely erasing the drive]] and ''dm-crypt'' specific points for [[dm-crypt/Drive preparation#Partitioning|partitioning it]].  
  
==Common scenarios==
+
== Device encryption ==
{{Expansion|This section is an alternative to [[#Examples]], see [[Talk:Dm-crypt_with_LUKS/draft#New_idea]]. Add some introductory text with links to the most important subsections of [[Dm-crypt with LUKS/Encrypting a non-root file system]] and [[Dm-crypt with LUKS/Encrypting an entire system]].}}
 
See [[Dm-crypt with LUKS/Encrypting a non-root file system]] and [[Dm-crypt with LUKS/Encrypting an entire system]].
 
  
==Drive preparation==
+
[[dm-crypt/Device encryption]] covers how to manually utilize dm-crypt to encrypt a system through the [[dm-crypt/Device encryption#Cryptsetup usage|cryptsetup]] command. It covers examples of the [[dm-crypt/Device encryption#Encryption options with dm-crypt|Encryption options with dm-crypt]], deals with the creation of [[dm-crypt/Device encryption#Keyfiles|keyfiles]], LUKS specific commands for [[dm-crypt/Device encryption#Key management|key management]] as well as for  [[dm-crypt/Device encryption#Backup and restore|Backup and restore]].  
This step will deal with operations like [[Dm-crypt with LUKS/Drive Preparation#Secure erasure of the hard disk drive|securely erasing the drive]] and [[Dm-crypt with LUKS/Drive Preparation#Partitioning|partitioning it]]. See [[Dm-crypt with LUKS/Drive Preparation]].
 
  
==Device encryption==
+
== System configuration ==
{{Expansion|Add some introductory text with links to the most important subsections of [[Dm-crypt with LUKS/Device Encryption]].}}
 
See [[Dm-crypt with LUKS/Device Encryption]].
 
  
==System configuration==
+
[[dm-crypt/System configuration]] illustrates how to configure [[dm-crypt/System configuration#mkinitcpio|mkinitcpio]], the [[dm-crypt/System configuration#Boot loader|boot loader]] and the [[crypttab]] file when encrypting a system.
{{Expansion|Add some introductory text with links to the most important subsections of [[Dm-crypt with LUKS/System Configuration]].}}
 
See [[Dm-crypt with LUKS/System Configuration]].
 
  
==Examples==
+
== Swap device encryption ==
{{Expansion|This section is an alternative to [[#Common scenarios]], see [[Talk:Dm-crypt_with_LUKS/draft#New_idea]]. Add some introductory text with links to the most important subsections of [[Dm-crypt with LUKS/Examples]].}}
 
See [[Dm-crypt with LUKS/Examples]].
 
  
==Swap device encryption==
+
[[dm-crypt/Swap encryption]] covers how to add a swap partition to an encrypted system, if required. The swap partition must be encrypted as well to protect any data swapped out by the system. This part details methods [[dm-crypt/Swap encryption#Without suspend-to-disk support|without]] and [[dm-crypt/Swap encryption#With suspend-to-disk support|with]] suspend-to-disk support.
A swap partition may be added to an encrypted system, if required. The swap partition must be encrypted as well to protect any data swapped out by the system. This part details methods [[Dm-crypt_with_LUKS/Swap_Encryption#Without_suspend-to-disk_support|without]] and [[Dm-crypt_with_LUKS/Swap_Encryption#With_suspend-to-disk_support|with]] suspend-to-disk support.
 
  
See [[Dm-crypt with LUKS/Swap Encryption]].
+
== Specialties ==
  
==Specialties==
+
[[dm-crypt/Specialties]] deals with special operations like [[dm-crypt/Specialties#Securing the unencrypted boot partition|securing the unencrypted boot partition]], [[dm-crypt/Specialties#Using GPG, LUKS, or OpenSSL Encrypted Keyfiles|using GPG or OpenSSL encrypted keyfiles]], a method to [[dm-crypt/Specialties#Remote unlocking of the root (or other) partition|boot and unlock via the network]], another for [[dm-crypt/Specialties#Discard/TRIM support for solid state drives (SSD)|setting up discard/TRIM for a SSD]], and sections dealing with [[dm-crypt/Specialties#The encrypt hook and multiple disks|the encrypt hook and multiple disks]].  
This part deals with special operations like [[Dm-crypt with LUKS/Specialties#Securing the unencrypted boot partition|securing the unencrypted boot partition]], [[Dm-crypt with LUKS/Specialties#Using GPG or OpenSSL Encrypted Keyfiles|using GPG or OpenSSL encrypted keyfiles]], a method to [[Dm-crypt with LUKS/Specialties#Using GPG or OpenSSL Encrypted Keyfiles|boot and unlock via the network]], or [[Dm-crypt with LUKS/Specialties#Using GPG or OpenSSL Encrypted Keyfiles|setting up discard/TRIM for a SSD]].
 
  
See [[Dm-crypt with LUKS/Specialties]].
+
== See also ==
 
 
==Securing the unencrypted boot partition==
 
Referring to an article from the ct-magazine (Issue 3/12, page 146, 01.16.2012 http://www.heise.de/ct/inhalt/2012/03/6/) the following script checks files under {{ic|/boot}} for changes of SHA-1 hash, inode and occupied blocks on the hard drive. It also checks the MBR. The script cannot prevent certain type of attacks, but a lot are made harder. No configuration of the script itself is stored in unencrypted {{ic|/boot}}. With a locked/powered-off crypted system this makes it infeasible for an attacker to recognize that an automatic checksum comparison of the partition is done upon boot.
 
  
The script with installation instructions is available here: ftp://ftp.heise.de/pub/ct/listings/1203-146.zip (Author: Juergen Schmidt, ju at heisec.de; License: GPLv2). There is also an AUR package: {{AUR|chkboot}} and a slightly updated AUR package {{AUR|chkboot-git}} which includes systemd support.
+
* [https://gitlab.com/cryptsetup/cryptsetup/wikis/DMCrypt dm-crypt] - The project homepage
 
+
* [https://gitlab.com/cryptsetup/cryptsetup cryptsetup] - The LUKS homepage and [https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions FAQ] - the main and foremost help resource.  
After installation:
+
* [https://git.kernel.org/cgit/utils/cryptsetup/cryptsetup.git/ cryptsetup repository] and [https://www.kernel.org/pub/linux/utils/cryptsetup/ release] archive.
* For classical sysvinit: add {{ic|/usr/local/bin/chkboot.sh &}} to your {{ic|/etc/rc.local}}
+
* [https://github.com/t-d-k/doxbox DOXBOX] - Supports unlocking LUKS encrypted volumes in Microsoft Windows.
* For systemd: add a service file and enable the service: [[systemd]]. The service file might look like:
 
[Unit]
 
Description=Check that boot is what we want
 
Requires=basic.target
 
After=basic.target
 
 
[Service]
 
Type=oneshot
 
ExecStart=/usr/local/bin/chkboot.sh
 
 
[Install]
 
WantedBy=multi-user.target
 
 
 
There is a small caveat for systemd: At the time of writing the original {{ic|chkboot.sh}} script provided contains an empty space at the beginning of {{ic|<u> </u>#!/bin/bash}} which has to be removed for the service to start successfully.
 
 
 
As {{ic|/usr/local/bin/chkboot_user.sh}} need to be excuted after login, add it to the autostart (e.g. under KDE -> System Settings -> Startup and Shutdown -> Autostart; Gnome3: gnome-session-properties).  
 
 
 
With Arch Linux changes to {{ic|/boot}} are pretty frequent, for example by new kernels rolling-in. Therefore it may be helpful to use the scripts with every full system update. One way to do so:  
 
 
 
#!/bin/bash
 
#
 
# Note: Insert your <user>  and execute it with sudo for pacman & chkboot to work automagically
 
#
 
echo "Pacman update [1] Quickcheck before updating" &
 
sudo -u <user> /usr/local/bin/chkboot_user.sh # insert your logged on <user>
 
/usr/local/bin/chkboot.sh
 
sync # sync disks with any results
 
sudo -u <user> /usr/local/bin/chkboot_user.sh # insert your logged on <user>
 
echo "Pacman update [2] Syncing repos for pacman"
 
pacman -Syu
 
/usr/local/bin/chkboot.sh
 
sync
 
sudo -u <user> /usr/local/bin/chkboot_user.sh # insert your logged on <user>
 
echo "Pacman update [3] All done, let's roll on ..."
 
 
 
Alternatively to above scripts, a hash check can be set up with [[AIDE]] which can be customized via a very flexible configuration file.
 
 
 
While one of these methods should serve the purpose for most users, they do not address all security problems associated with the unencrypted {{ic|/boot}}. One approach which endeavours to provide a fully authenticated boot chain was published with POTTS as an academic thesis to implement the [http://www1.informatik.uni-erlangen.de/stark STARK] authentication framework.
 
 
 
The POTTS proof-of-concept uses Arch Linux as a base distribution and implements a system boot chain with 
 
* POTTS - a bootmenu for a one-time authentication message prompt
 
* TrustedGrub - a grub-legacy implementation which authenticates the kernel and initramfs against TPM chip registers
 
* TRESOR - a kernel patch which implements AES but keeps the master-key not in RAM but in CPU registers during runtime.  
 
As part of the thesis [http://13.tc/p/potts/manual.html installation] instructions based on Arch Linux (iso 2013-01) have been published. If you want to try it, be aware these tools are not in standard repositories and the solution will be time consuming to maintain.
 
 
 
== See also ==
 
* [http://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions cryptsetup FAQ] - The main and foremost help resource, directly from the developers.
 
* [http://www.freeotfe.org/ FreeOTFE] - Supports unlocking LUKS encrypted volumes in Microsoft Windows.
 

Latest revision as of 11:15, 4 April 2018

From the cryptsetup project's wiki:

Device-mapper is infrastructure in the Linux 2.6 and 3.x kernel that provides a generic way to create virtual layers of block devices. Device-mapper crypt target provides transparent encryption of block devices using the kernel crypto API. The user can basically specify one of the symmetric ciphers, an encryption mode, a key (of any allowed size), an iv generation mode and then the user can create a new block device in /dev. Writes to this device will be encrypted and reads decrypted. You can mount your filesystem on it as usual or stack dm-crypt device with another device like RAID or LVM volume. Basic documentation of dm-crypt mapping table comes with kernel source and the latest version is available in git repository.

Common scenarios

This part introduces common scenarios to employ dm-crypt to encrypt a system or individual filesystem mount points. It is meant as starting point to familiarize with different practical encryption procedures. The scenarios cross-link to the other subpages where needed.

See dm-crypt/Encrypting a non-root file system if you need to encrypt a device that is not used for booting a system, like a partition or a loop device.

See dm-crypt/Encrypting an entire system if you want to encrypt an entire system, in particular a root partition. Several scenarios are covered, including the use of dm-crypt with the LUKS extension, plain mode encryption and encryption and LVM.

Drive preparation

dm-crypt/Drive preparation deals with operations like securely erasing the drive and dm-crypt specific points for partitioning it.

Device encryption

dm-crypt/Device encryption covers how to manually utilize dm-crypt to encrypt a system through the cryptsetup command. It covers examples of the Encryption options with dm-crypt, deals with the creation of keyfiles, LUKS specific commands for key management as well as for Backup and restore.

System configuration

dm-crypt/System configuration illustrates how to configure mkinitcpio, the boot loader and the crypttab file when encrypting a system.

Swap device encryption

dm-crypt/Swap encryption covers how to add a swap partition to an encrypted system, if required. The swap partition must be encrypted as well to protect any data swapped out by the system. This part details methods without and with suspend-to-disk support.

Specialties

dm-crypt/Specialties deals with special operations like securing the unencrypted boot partition, using GPG or OpenSSL encrypted keyfiles, a method to boot and unlock via the network, another for setting up discard/TRIM for a SSD, and sections dealing with the encrypt hook and multiple disks.

See also