Background Information
I'm a Linux newbie recently weaned off Windows. I'm currently using Ubuntu 11.04 without full disk encryption. Only my home directory is encrypted, and with eCryptfs. Lately, I've begun to notice that the encryption isn't as transparent as it should be. VMware, for example, sometimes runs into problems for virtual machines stored in my encrypted home directory, so I simply moved the virtual machines to an unencrypted location and linked to it from my encrypted home directory. But that's beside the point: I've realized it's actually not very secure to leave the system unencrypted since an open source operating system like Ubuntu is very easy to modify to divulge information it's supposed to keep secret.
Goal
I'd like to be able to have full disk encryption work in conjunction with a key device and a password for pre-boot authentication.
Requirements/Details
1. The entire disk must be encrypted. At a minimum, the disk consists of individual partitions which are all encrypted. If it's possible to hide even the partitions with encryption, I'll go for it. The more transparent the encryption is, the better; I should not have to use my computer any differently or configure anything else.
2. The device used to unlock and boot the encrypted partition must be a small external portable device. This serves two purposes: the boot loader is much less likely to be altered for malicious purposes since it'll stay with me when not in use; and the key files to decrypt the disk will not be found anywhere on the encrypted disk itself in any form.
3. The key files should be encrypted with a password. Should I lose both my computer and my USB device, the data and operating system will still be safe. If I lose the USB key or it's compromised, I can create another clean one from a backup. No information is divulged in either case. Of course, if I lose my computer, it's inconsequential.
Yes, I have looked at guides from many places, but the problem is that they don't address all of the requirements (especially number 3). I'm pretty sure my requirements are common enough that someone has tried and successfully implemented such a setup already. I'd be grateful if any Linux pro could share a solution.
Re "since an open source operating system like Ubuntu is very easy to modify to divulge information it's supposed to keep secret." - You'd be amazed at how easy it is to convince closed source OSes to do the same. The fact that a program is open-source means nothing about its security or insecurity against local attacks. – user1686 – 2011-07-02T10:54:20.827