Full encryption
Once there was an idea to hide the data away from people's eyes, I poked around various encryption systems and found a huge minus in them, they advertise their presence (need to be installed) and make the cryptocontainer explicit (empty section or file with a cryptocontainer)
i.e. in both cases, “thermorectal cryptanalysis TM ” is possible due to the fact that there is encrypted information on the computer.
Which led me to write a small script.
It can be run even with LiveCD, it does not create encrypted files or partitions, but of course it has the following problems:
Below is the code, use it at your own risk, in which case I will not be liable for damage to your data.
Who cares, look under the cat.
The essence of all body movements is to create a cryptocontainer on a used disk in an unused area using only the built-in commands of the standard Ububntu LiveCD.
I tested it only in the sandbox (on a separate section of 200 MB in size I created a 50 MB cryptocontainer with an offset of 50 MB) MD5 the sum of the files on the physical partition (20 MB) and inside the cryptocontainer (10 MB) matched the originals.
We do everything under the root (sudo su).
device, place (Displacement), replace the size with your own. The size and offset from the beginning of the disk is everywhere indicated inmegabytes bytes.
modprobe cryptoloop
modprobe aes
mkdir ~ / mnt1
mount -t tmpfs ~ / mnt1
dd if = / dev / urandom of = ~ / mnt1 / file bs = 1M count = size
losetup -e aes / dev / loop2 ~ / mnt1 / file
// enter the password
mkfs -t ext2 / dev / loop2
dd if = / dev / loop2 of = device bs = 1M seek = location count = size
losetup -e aes / dev / loop1 <device> -o <place> --sizelimit <size >
// enter the password
mount / dev / loop1 <mount point>
mkfs -t ext2 <mount point>
modprobe cryptoloop
modprobe aes
mkdir ~ / mnt1
mkdir ~ / mnt2
mount -t tmpfs ~ / mnt1
dd of = ~ / mnt1 / file if = device bs = 1M skip = place count = size
losetup -e aes / dev / loop2 ~ / mnt1 / file
// enter the password
mount / dev / loop2 ~ / mnt2
losetup -e aes / dev / loop1 <device> -o <place> --sizelimit <size>
// enter the password
mount / dev / loop1 <mount point>
umount / dev / loop2
dd if = / dev / loop2 of = device bs = 1M seek = location count = size
umount / dev / loop1
If anyone knows a simpler solution, please ask in the comments. And once again I warn you, this method is dangerous for your data, use it only in extreme cases. There may also be errors and inaccuracies in the script, so I do not recommend using it on very important data.
PS: As a continuation of this method, in a small container created by this method, you can put a complete encryption program, for example, the same Truecrypt. Or come up with something of your own using a similar principle, but already more convenient and more secure.
UPD: Early was young and stupid, everything is done much easier than it was originally presented, actually corrected the article.
i.e. in both cases, “thermorectal cryptanalysis TM ” is possible due to the fact that there is encrypted information on the computer.
Which led me to write a small script.
It can be run even with LiveCD, it does not create encrypted files or partitions, but of course it has the following problems:
- it is necessary to control data integrity manually;
Below is the code, use it at your own risk, in which case I will not be liable for damage to your data.
Who cares, look under the cat.
The essence of all body movements is to create a cryptocontainer on a used disk in an unused area using only the built-in commands of the standard Ububntu LiveCD.
I tested it only in the sandbox (on a separate section of 200 MB in size I created a 50 MB cryptocontainer with an offset of 50 MB) MD5 the sum of the files on the physical partition (20 MB) and inside the cryptocontainer (10 MB) matched the originals.
We do everything under the root (sudo su).
device, place (Displacement), replace the size with your own. The size and offset from the beginning of the disk is everywhere indicated in
Create
modprobe cryptoloop
modprobe aes
mount -t tmpfs ~ / mnt1
dd if = / dev / urandom of = ~ / mnt1 / file bs = 1M count = size
losetup -e aes / dev / loop2 ~ / mnt1 / file
// enter the password
mkfs -t ext2 / dev / loop2
dd if = / dev / loop2 of = device bs = 1M seek = location count = size
losetup -e aes / dev / loop1 <device> -o <place> --sizelimit <size >
// enter the password
mount / dev / loop1 <mount point>
mkfs -t ext2 <mount point>
Mount
modprobe cryptoloop
modprobe aes
mkdir ~ / mnt2
mount -t tmpfs ~ / mnt1
dd of = ~ / mnt1 / file if = device bs = 1M skip = place count = size
losetup -e aes / dev / loop2 ~ / mnt1 / file
// enter the password
mount / dev / loop2 ~ / mnt2
losetup -e aes / dev / loop1 <device> -o <place> --sizelimit <size>
// enter the password
mount / dev / loop1 <mount point>
Unmount
dd if = / dev / loop2 of = device bs = 1M seek = location count = size
umount / dev / loop1
Note
If anyone knows a simpler solution, please ask in the comments. And once again I warn you, this method is dangerous for your data, use it only in extreme cases. There may also be errors and inaccuracies in the script, so I do not recommend using it on very important data.
PS: As a continuation of this method, in a small container created by this method, you can put a complete encryption program, for example, the same Truecrypt. Or come up with something of your own using a similar principle, but already more convenient and more secure.
UPD: Early was young and stupid, everything is done much easier than it was originally presented, actually corrected the article.