|
Re: cryptsetup: encrypted filesystem on your N900
Quote:
On my SD card, I have a tiny vfat partition for when I need to reflash (because of other reasons than encryption). The rest of the 16Gb I have in a separate encrypted partition... I'm using it all the time, no probs whatsoever. All the pics etc. taken with the phone go there etc. and of course all data... In my opinion this is a must, if you lose your phone or it gets stolen, it's painful, but at least your data is gonna be safe and unuseable. |
Re: cryptsetup: encrypted filesystem on your N900
Quote:
1) So you've only encrypted the SD card. The eMMC disk is still unencrypted? 2) When and how do you enter the password for the encrypted partition? |
Re: cryptsetup: encrypted filesystem on your N900
Quote:
Example: Attacker looking for photos taken by N900. Situation A Attacker finds a folder with a few encrypted files, each ranging from 800KB to 1.2MB Situation B Attacker finds only a file with a 1GB encrypted content. Further studies of this file shows that the data written there looks a lot like ramdom garbage. Isn't it clear what situation is safer? See above.[/QUOTE] |
Re: cryptsetup: encrypted filesystem on your N900
Quote:
I'm only talking about encrypted file systems and not files encrypted one by one. Situation A has, as far as I know, never been mentioned by me (apart form a suggestion for encryption of separate files before venturing into FS land). |
Re: cryptsetup: encrypted filesystem on your N900
Quote:
|
Re: cryptsetup: encrypted filesystem on your N900
Quote:
The DCIM folder etc. I also store on the encrypted SD and just created eMMC symlinks to it. Quote:
If you'd want to encrypt the eMMC and preserve home on it etc. you'd have to mess with creating an initrd that would ask for password on boot etc. There's all kinds of potential problems where your device (well, at least mine) would hang and you'd have to reflash before you'd get it right, that I decided - to hell with it, not worth the trouble, but I think it could be done. Jebba's kernel had a framebuffer enabled, so you'd be able to see prompts for the pass and enter it. Now however I'm using Titan's overclocking kernel, and would have to mess with recompiling and the initrd... No go for me. If you do it, let us know here... |
Re: cryptsetup: encrypted filesystem on your N900
Quote:
Quote:
When I have some spare time I take another look. Thanks anyway. |
Re: cryptsetup: encrypted filesystem on your N900
I'm currently running my n900 with encrypted swap, /home /home/user/MyDocs.
This is possible thanks to jebbas kernel, which allows for pw input on the framegrabber console. Unfortunately the hildon gui still randomly display some "unsupported filesystem" messages which I cannot track to any root cause and even wierder when using the camera the device tends to reboot - despite the filesystem on the encrypted /home/user/MyDocs being vfat. Now a couple of questions: - Any hints regarding the "unsupported filesystem" and reboot issues? - Any experience on running jebbas kernel on PR1.2? - Any cleanly integrated (GUI) dm-crypt layer in sight? |
Re: cryptsetup: encrypted filesystem on your N900
Quote:
How did you set it up, just encrypt /home and that's it? What's your /etc/fstab Did you have to mess with anything else, I assume since root isn't encrypted you didn't have to mess with initrd... |
Re: cryptsetup: encrypted filesystem on your N900
Maemo uses upstart for system init which is highly parallelized. So the trick was to make some scripts in the boot process depend on my cryptsetup script /etc/event.d/crypsetup:
Code:
start on started sgxCode:
start on CRYPT_OKCode:
sfdisk -lCode:
cat /etc/crypttabCode:
cat /etc/fstab It works _somehow_. Still random reboots and this "unsupported storage format" message popping up make it annoying to use. Does anybody have a clue in what scripts maemo checks for "supported storage formats"? Thanks Wirr |
| All times are GMT. The time now is 16:24. |
vBulletin® Version 3.8.8