Dm-crypt

From ArchWiki
Revision as of 17:07, 11 September 2006 by Pippin (Talk | contribs) (Initial page creation)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Attention: If you want to try this with Arch Linux 0.7.2 you have to make the libnsl-2.3.6.so availible for you during installation (on usbstick, cd, floppy, network, whatever...) and copy it to /usr/lib/ when the installation disk has botted - it is missing on the installation disk. this has been reported as a bug: http://bugs.archlinux.org/task/4808

How to make libnsl available from the Arch Linux 0.7.2 bootable CD:

1. Boot from the Arch Linux 0.7.2 CD

2. Mount the CD:

#mkdir /cd
#mount /dev/hdc /cd

3. Extract the libnsl files from the base glibc package to the /lib dir

#cd /  #current dir must be root because tar unpacks dir structure
#tar xvzf /cd/arch/pkg/glibc-2.3.6-3.pkg.tar.gz lib/libnsl*

If you use the FTP install disk, you need to grab the package glibc-2.3.6-3.pkg.tar.gz from somewhere like ftp://ftp.hosteurope.de/mirror/ftp.archlinux.org/0.7.2/os/i686 (check out the "Get It!" page) and store libnsl* somewhere you can access during installation, like another partition.

ATTENTION: if you are using ARCH before 0.8, you need to use ftp install for this. The reason being that you need mkinitcpio, which 0.7.x doesn't have.

This short HOWTO will show you how to install Arch Linux 0.7.x/0.8 with a LUKS encrypted root filesystem.

It is possible to encrypt other partitions (except for boot). We'll assume you want to encrypt /home and swap (which seem like sensible choices). You can ignore the relevant instructions if you don't want to do this.

If you want to set up an encrypted partition on 0.7.x without using FTP install, follow the instructions at Encrypted_Root_Filesystem. mkinitcpio needs a kernel command line option for non-LUKS partitions, though, and there's no straightforward support for non-root encrypted partitions.

Credits: lots of text copied wholesale from Encrypted_Root_Filesystem.

Disclaimer: No guarantee is provided. BACK UP YOUR DATA!!!


Why LUKS?

There are either 3 or 4 rival disk encryption standards in Linux, depending on how you count them.

The old cryptoloop is deprecated: it's old, insecure and unreliable.

A much better version, loop-AES (http://loop-aes.sourceforge.net/), was created but, due to politics, never became favourable with the kernel developers. It's far more secure than either cryptoloop or straight device-mapper encryptions (and probably faster than any of the other 3 options), but is not user-friendly. It also requires non-standard kernel support, which ARCH's kernel26 doesn't have.

The standard device-mapper encryption (dm-crypt) is what the Encrypted_Root_Filesystem HOWTO uses. If used with the ESSIV option (Encrypted Sector Salt Initial Value - see http://www.shimari.com/dm-crypt-on-raid/#why_dmcrypt for more details), it becomes immune to the two most serious vulnerabilities of cryptoloop.

LUKS essentially makes management of encrypted partitions easier. Without going into the hairy details (check out the LUKS home page if you're interested), it stores all the needed setup information on the disk itself. All you need then is the password, which can be in a seperate file if you like. The Linux implementation uses dm-crypt, with ESSIV enabled by default, and so should be about as secure as loop-AES (depending on how you manage passwords and key files etc). It can have up to eight different passwords, which can be changed or revoked easily. It is also supported by mkinitcpio in ARCH linux, which is nice.

Note: if you want to have encrypted swap, read the section below about Encrypted Swap and decide how you want to set it up before you start the rest of this HOWTO.


The Steps

1. If you're not starting from an unused hard drive, BACK UP YOUR DATA! I cannot stress this enough. Ideally, you should be doing this regularly anyway, and it's particularly important with an encrypted hard drive. But beware: if you have unencrypted backups, is there any point in having an encrypted hard drive? Think about where you store your backups.

2. Boot up the system with the 0.7.1, 0.7.2 (or 0.8 when it comes out) installation CD (and copy libnsl* to /lib if you're using 0.7.2).

3. Next, set up your partitions as you want. Make sure you have a separate partition for your /boot. If you think about it, this is absolutely necessary. If your /boot partition was encrypted, then your bootloader wouldn't be able to read the kernel image and you would not get far.

# cfdisk /dev/hda

Example partitions:

/dev/hda1 -> /boot
/dev/hda2 -> swap
/dev/hda3 -> /
/dev/hda4 -> /home

4. Now that we have our real, physical partitions set up, we need to tell cryptsetup to create a new (encrypted) block device based on our root and home partitions, /dev/hda3 and /dev/hda4. But first we have to load the modules that cryptsetup needs.

# modprobe dm-crypt
# modprobe aes-i586

Now, setup the partitions we are going to encrypt for LUKS:

# cryptsetup -y luksFormat /dev/hda3
Enter passphrase: mypassword
Verify passphrase: mypassword
# cryptsetup -y luksFormat /dev/hda4
Enter passphrase: myotherpassword
Verify passphrase: myotherpassword

And open them:

# cryptsetup luksOpen /dev/hda3 root
Enter any LUKS passphrase: mypassword
key slot 0 unlocked.
Command successful.
# cryptsetup luksOpen /dev/hda4 home
Enter any LUKS passphrase: myotherpassword
key slot 0 unlocked.
Command successful.

Now you should have a device called /dev/mapper/root, and another called /dev/mapper/home. These are block devices like any other, but with a neat twist: Whenever you write to them, the data is actually written to /dev/hda3 or /dev/hda4 respectively, but it is encrypted first! The only way to access the data on this encrypted partition is to re-create that /dev/mapper/root or /dev/mapper/home device with cryptsetup each time you boot. With LUKS, you can use cryptsetup luksAddKey /dev/hda3 to add a new password, or cryptsetup luksDelKey /dev/hda3 to revoke a password. Type cryptsetup -? or man cryptsetup (once you've booted your new Arch installation) for more info.

(Note: with LUKS, if you type in the wrong password, it will reject it. You don't have to worry about it possibly destroying your data).

Note: if you've decided to go for option two for encrypted swap (see Encryped Swap below), you should set up /dev/mapper/swap in the same way as you've just set up /dev/mapper/home.

4. Now that /dev/mapper/root and /dev/mapper/home are in place, we can enter the regular Arch setup script and it will do the rest, as it normally would.

# /arch/setup

Make sure you select FTP install if you're using 0.7.1 or 0.7.2, otherwise you won't get mkinitcpio. mkinitrd doesn't work with LUKS!

Most of the installation can be carried out normally. However, there are a few areas where we have to deviate from the normal process. They are all listed below. Heed them well!

PREPARE HARD DRIVE: Skip the Partitioning and Auto-Prepare business and go straight to "Set Filesystem Mountpoints." When asked for your / (root) partition, do NOT select /dev/hda3 as you normally would. Select /dev/mapper/root instead. Similarly, if you are using a seperate encrypted home partition, add /dev/mapper/home to be mounted at /home.

SELECT PACKAGES: Make sure you also install the system/cryptsetup package. This is the only non-Base package that you MUST select.

INSTALL PACKAGES: After all the packages have been installed, and before you install the kernel, you have to switch over to another virtual console (ALT-F2) and edit your mkinitcpio.conf configuration file. The initcpio is responsible for setting up your virtual block device with cryptsetup, so we'd better make sure that mkinitcpio knows about it.

# vi /mnt/etc/mkinitcpio.conf

Add "encrypt" to HOOKS (at the bottom of the file). That's it! You probably also want to add "encrypt" to the HOOKS line in /boot/mkinitcpio-fallback.conf, so that the fallback option in the grub menu will actually work.

While you're here, if you want seperate encrypted partitions, set them up in /etc/crypttab.

# vi /mnt/etc/crypttab

The following line will set up our encrypted home partition:

home      /dev/hda6     "myotherpassword"

If you want to use a key file, do something like the following:

# head -n 220 /dev/urandom | tail -n 200 > /mnt/etc/home.key
# cryptsetup luksAddKey /dev/hda4 /mnt/etc/home.key
Enter any LUKS passphrase: myotherpassword
Verify passphrase: myotherpassword
key slot 0 unlocked.
Command successful.
# echo home /dev/hda6 /etc/home.key >> /mnt/etc/crypttab

Note: if you've decided to have option one encrypted swap (new encryption key on each boot), read the section below about Encrypted Swap now!

CONFIGURE SYSTEM: We suggest you use the GRUB bootloader, so we'll cover that here. Make sure references to your root partition are references to the underlying device, not the dm-crypt device. ie: /dev/hda3, not /dev/mapper/root. mkinitcpio will take care of passing the correct device name to the kernel, but it needs to know which device to set up as root. Also, you want kernel26.img, not initrd26.img, on the initrd line.

Example:

# (0) Arch Linux
title Arch Linux [/boot/vmlinuz26]
root (hd0,0)
kernel /vmlinuz26 root=/dev/hda3 ro
initrd /kernel26.img

5. Revel in your success. Reboot, and you should be presented with the text

A password is required to access the root filesystem:

followed by a prompt for any LUKS password. Type it in (mypassword) and everything should boot. Once you've booted and logged in, type mount. You should have /dev/mapper/root mounted at / and, if you set up a seperate encrypted home partition, /dev/mapper/home mounted at /home. If you set up encrypted swap, swapon -s should have /dev/mapper/swap listed as your swap partition.


Encrypted Swap

Sensitive data stored in memory may be written to swap at any time. If you've gone to the trouble of encrypting your root and home partitions, you should encrypt your swap as well. There are two options here: random encryption on each boot (better security, but less elegant), or the same encryption each time. We won't cover the second option here, as it is pretty much identical to how you set up the /home partition above. Just replace all references to home with swap, and hda4 with hda2.

For the first option, we're not going to use LUKS. We're going to set up dm-crypt directly. If you're still in the archsetup process, just switch to a different virtual console (ALT+F2). If you've exited already, the new root will have been unmounted. Use mount /dev/mapper/root /mnt to mount it again.

Now add an entry to the cryptsetup file:

# echo swap /dev/hda2 /dev/urandom "-c aes-cbc-essiv:sha256 -h sha256 -s 256" >> /mnt/etc/crypttab

This will set up /dev/mapper/swap, with underlying block device /dev/hda2, using a random 256-bit key taken from /dev/urandom. Note the use of ESSIV, as in aes-cbc-essiv. That prevents a major cryptographic attack called watermarking.

Now, the bootscripts won't be able to automatically use the resulting partition for swap, because mkswap needs to be run first. So delete the swap entry from /mnt/etc/fstab and add lines to rc.local to set up the swap:

# sed -i /^swap/d /mnt/etc/fstab
# echo "mkswap /dev/mapper/swap" >> /mnt/etc/rc.local
# echo "swapon /dev/mapper/swap" >> /mnt/etc/rc.local

And you're done! Carry on with installation or, if you've already finished, umount /mnt.


External Key Files

Currently, mkinitcpio doesn't support having the key for your root partition on a seperate device, like a USB stick. It's planned to be added soon. If you're really desperate (and daring), you can copy encrypt_hook to /lib/initcpio/hooks/encrypt and encrypt_install to /lib/initcpio/install/encrypt from Bug 5374. Be warned: it may not work. You should still be able to use your normal password even if it doesn't, but I really recommend you wait for the encrypt hooks to support it officially unless you feel confident editing the hooks yourself.