Hard disk encryption with DM-Crypt, LUKS, and cryptsetup

SECRET MESSAGES

Article from Issue 61/2005
Author(s): , Author(s):

If you’re serious about keeping secrets, try hard disk encryption with DM-Crypt and LUKS.

File encryption is a popular means for ensuring the security and privacy of file-based data. An intruder who breaks through your firewall won’t be able to read your private files if they are encrypted, right? Actually, selective file encryption provided by utilities such as GnuPG covers some of your tracks, but it may not cover all of them. An intruder can still learn about your system – and maybe even reconstruct some of your file data – by snooping through secret files, temporary files, configuration data, and command histories. The /var/spool/cups directory, for example, could yield a treasure trove of data about files you might have printed in the past, and tools such as the Gnome Thumbnail Factory could be storing an unencrypted thumbnail of your encrypted images.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • DM-Crypt/ LUKS

    Encrypting a home directory is easy. Encrypting your whole hard disk – including the root filesystem – takes a little more effort.

  • Encrypted Filesystems

    If you’re not a security expert and you're looking for a crypto filesystem, you may be wondering about the alternatives. We took at a look at some popular crypto options for Linux.

  • CD Encryption

    An encrypted hard disk on your server is no help if valuable data on CDs or DVDs falls into the hands of spies. We’ll show you some convenient solutions for encrypting data on removable media.

  • Encrypting USB Sticks

    How easy is it to lose a USB stick? Why not protect your data just in case the stick falls into unfriendly hands?

  • Encrypting Block Devices

    The recent revelations about NSA spying have sparked renewed interest in data encryption. Encrypting at the file level is quick and easy, but if you're looking for an extra dose of protection, try encrypting the whole block device.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News