Active Topics
-
The N900 is now 15 years old! (9)
to Nokia N900 by Arno_11 - 49 mins ago -
Sailfish OS for the Motorola Moto G7 Power (XT1955-5) - (ocean) (4)
to SailfishOS by Maemish - 5 days, 13 hrs ago - more...
 |
|
2008-07-18
, 17:34
|
|
Posts: 3,397 |
Thanked: 1,212 times |
Joined on Jul 2008
@ Netherlands
|
#82
|
Yes, the client can do the decrypting, or the server (over a secure line connected to client). I seriously doubt a NIT can outperform a fileserver in this regard, but I like to be surprised! 
Good point, on the unmounting but the encrypted HDD can remain mounted while its running as long as the system is not remotely exploitable. If one has physical access, they'd first need to perform say a cold boot attack method. USB access can be disabled.
I certainly recommend people not typing in their password in public. Which is one reason S/Key, OPIE or SSH keys are so useful. Sometimes the solution is less elegant. For example, I use Devicescape to log in to my WiFi hotspots.
I don't know if TrueCrypt supports some kind of key management (or even S/Key or OPIE itself), but I know LUKS does provide some basic key management which is very useful in (possible) hostile environments.
Good point, on the unmounting but the encrypted HDD can remain mounted while its running as long as the system is not remotely exploitable. If one has physical access, they'd first need to perform say a cold boot attack method. USB access can be disabled.
I certainly recommend people not typing in their password in public. Which is one reason S/Key, OPIE or SSH keys are so useful. Sometimes the solution is less elegant. For example, I use Devicescape to log in to my WiFi hotspots.
I don't know if TrueCrypt supports some kind of key management (or even S/Key or OPIE itself), but I know LUKS does provide some basic key management which is very useful in (possible) hostile environments.
 |
|
2008-07-22
, 15:17
|
|
Posts: 43 |
Thanked: 12 times |
Joined on Jun 2008
@ Winnpeg, MB, CAN
|
#83
|
thanks for making this great program available.
I have a question, if you have the time.
I've created a 50MB file on my external card and have successfully mounted it under /media/mqtcvolume
I can't seem to unmount it though.
when I type this:
# truecrypt -d
it thinks for a few seconds and then drops me back to the command line, but doesn't unmount the volume.
p.s. I'm using the latest (6.0a)
I have a question, if you have the time.
I've created a 50MB file on my external card and have successfully mounted it under /media/mqtcvolume
I can't seem to unmount it though.
when I type this:
# truecrypt -d
it thinks for a few seconds and then drops me back to the command line, but doesn't unmount the volume.
p.s. I'm using the latest (6.0a)
 |
|
2008-07-23
, 16:08
|
|
Posts: 107 |
Thanked: 26 times |
Joined on Jan 2008
@ New Jersey
|
#84
|
Couple questions so I can test this as well:
What OS are you running, Diablo or Chinook? What kind of filesystem are you mounting the volume as, vfat, ext2/3, etc?
I will try doing this on my N800 and let you know what happens.
What OS are you running, Diablo or Chinook? What kind of filesystem are you mounting the volume as, vfat, ext2/3, etc?
I will try doing this on my N800 and let you know what happens.
__________________
http://www.securix.net
http://www.prog.fm
http://www.securix.net
http://www.prog.fm
|
|
2008-07-23
, 16:49
|
|
Posts: 43 |
Thanked: 12 times |
Joined on Jun 2008
@ Winnpeg, MB, CAN
|
#85
|
thanks for the reply.
-Diablo
-I mounted the file (which is on a vfat formatted partition on my external microSD card) it by typing:
# truecrypt ./mqtcvolume /media/mqtcvolume
I'm not sure if that answers your question, but that's what I did.
Also, when I type:
# mount
...I don't see this mount point in the list, but perhaps I'm not supposed to.
Also, this mount seems to survive a shut down (without power adapter plugged in). Interesting...
Also amd for your FYI, I created the vo,ume by typing:
# truecrypt -t -c
thanks for your help.
-Diablo
-I mounted the file (which is on a vfat formatted partition on my external microSD card) it by typing:
# truecrypt ./mqtcvolume /media/mqtcvolume
I'm not sure if that answers your question, but that's what I did.
Also, when I type:
# mount
...I don't see this mount point in the list, but perhaps I'm not supposed to.
Also, this mount seems to survive a shut down (without power adapter plugged in). Interesting...
Also amd for your FYI, I created the vo,ume by typing:
# truecrypt -t -c
thanks for your help.
|
|
2008-07-23
, 17:57
|
|
Posts: 107 |
Thanked: 26 times |
Joined on Jan 2008
@ New Jersey
|
#86
|
Originally Posted by antikx
Ok I just tested this on CHINOOK and it seems to work well. I created a 10MB container with TC60a using AES and RIPEMD-160. Then I mounted it on an empty directory. I copied some files into it. I unmounted with -d.
# mount
...I don't see this mount point in the list, but perhaps I'm not supposed to.
Also, this mount seems to survive a shut down (without power adapter plugged in). Interesting...
You ARE supposed to see mount point entries. Make sure you have FUSE installed and that you're seeing mount entries for FUSE and /dev/loop0. If you don't then either FUSE isn't there or the version you're using doesn't work with Diablo.
Here's the actual output (I added some blank lines for clarity):
Code:
Nokia-N800-50-2:/media/mmc2# /home/user/tc6 --filesystem=vfat test-tc6-vol secure Warning: Your system uses an old version of the Linux kernel. Due to a bug in the Linux kernel, your system may stop responding when writing data to a TrueCrypt volume. This problem can be solved by upgrading the kernel to version 2.6.24 or later. Enter password for /media/mmc2/test-tc6-vol: Enter keyfile [none]: Protect hidden volume? (y=Yes/n=No) [No]: Nokia-N800-50-2:/media/mmc2# mount <unimportant mount point entries deleted> fuse on /var/tmp/.truecrypt_aux_mnt1 type fuse (rw,nosuid,nodev,user_id=0,group_id=0,allow_other) /dev/loop0 on /media/mmc2/secure type vfat (rw,fmask=0077,dmask=0077,codepage=cp437,iocharset=iso8859-1) Nokia-N800-50-2:/media/mmc2# cd secure Nokia-N800-50-2:/media/mmc2/secure# ls dsc00106.jpg dsc00107.jpg Nokia-N800-50-2:/media/mmc2/secure# cd .. Nokia-N800-50-2:/media/mmc2# /home/user/tc6 -d Nokia-N800-50-2:/media/mmc2# FUSE and /dev/loop0 mount points are gone.
__________________
http://www.securix.net
http://www.prog.fm
http://www.securix.net
http://www.prog.fm
|
|
2008-07-24
, 17:51
|
|
Posts: 43 |
Thanked: 12 times |
Joined on Jun 2008
@ Winnpeg, MB, CAN
|
#87
|
Thanks for your help and for doing some testing.
hmmm... OK. I think I must have messed up somewhere and it never actually mounted it in the first place.
I verified that I have the fuse deb installed from your web page.
What commandline did you use to create the volume?
hmmm... OK. I think I must have messed up somewhere and it never actually mounted it in the first place.
I verified that I have the fuse deb installed from your web page.
What commandline did you use to create the volume?
|
|
2008-07-24
, 20:48
|
|
Posts: 107 |
Thanked: 26 times |
Joined on Jan 2008
@ New Jersey
|
#88
|
I made sure to use the same command line options as you did.
# tc6 -t -c
Are you getting any other errors that are maybe hiding within all the output text?
Did you install the newer libstdc++.so module (I dont know if this has been updated in Diablo but you should check to be sure). Instructions are also on my site.
If you are using SSH to connect to your device, you can paste me your output and email it to me and I can take a look.
# tc6 -t -c
Are you getting any other errors that are maybe hiding within all the output text?
Did you install the newer libstdc++.so module (I dont know if this has been updated in Diablo but you should check to be sure). Instructions are also on my site.
If you are using SSH to connect to your device, you can paste me your output and email it to me and I can take a look.
__________________
http://www.securix.net
http://www.prog.fm
http://www.securix.net
http://www.prog.fm
|
|
2008-07-24
, 20:55
|
|
Posts: 43 |
Thanked: 12 times |
Joined on Jun 2008
@ Winnpeg, MB, CAN
|
#89
|
yes, I used your libstdc++ as the diablo one was a couple vers older.
I'll try it again tnite and get back to you.
It's probably just some mistake I made.
I'll try it again tnite and get back to you.
It's probably just some mistake I made.
|
|
2008-09-14
, 16:07
|
|
Posts: 551 |
Thanked: 46 times |
Joined on Oct 2007
|
#90
|
switch to Diablo and just loaded Easycrypt with truecrypt 6. I get the following error when I try to mount a file. Can someone please walk me through this error. I setup the .tc file on mmc2 in mydocs folder as 5mb file(not clear if should be at least 50mb). I also setup a .tc file on mmc1 with 32mb but I get same error. I'm running Diablo, with dual boot on an N800 with 1gb swap partition. I really need this working because I'm travelling a lot abroad. Any ideas or help. TIA.
Last edited by dan; 2008-09-15 at 00:57.
Last edited by dan; 2008-09-15 at 00:57.
I think you're referring to keeping a container on a remote server and having the remote server actually mount the volume so the server is doing the crypto. The only thing I'd be careful with in that scenario is that you dismount the volume when you're done.
I'm not sure I'd bother encrypting a hard drive or volume on a server that is powered on 24/7 unless you're worried about it getting physically stolen. If someone can physically get to the server and access it locally via the console or copy out your data to a USB device then encryption won't really help.
http://www.securix.net
http://www.prog.fm