Ubuntu 10.4 Full Disk Encryption

Question

Is it possible to setup full disk encryption for Ubuntu 10.4 server? Either natively or with Truecrypt?

Additionally, is this something that has to be done at the time of installing the OS, or can it be done afterwards?

score 9 · Accepted Answer · answered Jul 28 '10 at 16:12

9

Ubuntu has supported install-time encryption using LUKS since at least 8.04. Use the alternate installer.

answered Jul 28 '10 at 16:12

Ignacio Vazquez-Abrams

45,019
5
78
84

+1 because you taught me something, Ignacio :-) – Jul 28 '10 at 16:14

score 2 · Answer 2 · answered Jul 28 '10 at 16:31

2

Correct me if I am wrong but I believe it is highly recommended to perform a full disk encryption at the time of installation/before you start dumping 'real' data on the disk due to the fact that the encrypted form is 'simply' placed over the layer in which your data is/was stored. i.e. Using a method such as magnetic force microscopy, it may be possible (although highly unlikely) to retrieve the data that was overwritten with its encrypted form.

answered Jul 28 '10 at 16:31

emtunc

812
2
8
17

True, although I think at this point with the densities of disks, this theoretical issue is probably, just that :) Still, a point well made. – NinjaCat Jul 28 '10 at 17:30

score 1 · Answer 3 · answered Aug 01 '10 at 20:11

I am adding this as an alternative answer:

https://mknowles.com.au/wordpress/2009/12/02/ubuntu-karmic-koala-9-10-%E2%80%93-full-disk-encryption-with-usb-key-authentication-v2/

This is pretty slick because it allows you to store the key on a USB drive. The downside is that you have to encrypt the disk 1st, before you use it.

score 1 · Answer 4 · answered Aug 03 '10 at 15:21

1

We use WinMagic around my office for all of our machines. It's FDE and supports Windows, OS X, and Linux.

http://www.winmagic.com/products/linux-securedoc-disk-encryption

answered Aug 03 '10 at 15:21

Jacob K

129
3

Wait... it supports Linux now? Only thing that scares me with this product is that it is not open source, and there's no way to know if they've programmed a backdoor into it. Something that could very well be true given that they have US govt sign off on it. – NinjaCat Aug 03 '10 at 23:39

score 0 · Answer 5 · answered Jul 28 '10 at 16:12

0

~~I've done full disk encryption with TrueCrypt, and you do it once the OS is installed. The OS is irrelevant, provided it is supported by TrueCrypt.~~

EDIT: As it turns out, this is only supported on Windows. I apologise.

answered Jul 28 '10 at 16:12

I am pretty sure that it is not possible to do whole disk encryption with truecrypt on Linux. – Zoredache Jul 28 '10 at 16:15

Ubuntu 10.4 Full Disk Encryption

5 Answers5