cryptsetup-luks on fedora: step 4

Step 4a: (Optional) Check the hard disk for errors and fill it with random data.

(Much of the following was shamelessly lifted from William Owen Smith's HOWTO: EncryptedDeviceUsingLUKS.)

It's probably a good idea to check for errors on the partition where /home will be mounted. Not only is this good practice, but modern hard disks contain a few 'spare' sectors, and if they detect errors in reading, they can silently replace the bad sector with a backup sector (this is invisible to the OS). So writing and reading the entire disk before you start should allow this to happen.

We will now use the information in /etc/fstab to determine the partition that is currently mounted on /home. (This partition may be represented as a logical volume, as it is in the example below.) You should see a line in /etc/fstab that is similar to the following:

/dev/vg0/home /home ext3 defaults 1 2

The above line indicates that partition /dev/vg0/home, which is actually a logical volume, is currently mounted on /home. We will use this partition as our physical device. We need to unmount this device in order to proceed with the next steps:

# umount /home

It's good to fill an encrypted disk with initial random data. This makes breaking the passphrase so much harder. The method below is sufficient against a casual attack but is not 'random enough' to defeat sophisticated cryptographers. If you need protection against sophisticated cryptanalysis, use the '/dev/urandom' method shown in Step 4b.

The following command will perform a disk check and fill the disk with random data at the same time. Read the man page for more details on this command:

# /sbin/badblocks -c 10240 -s -w -t random -v /dev/vg0/home
(wait several hours...)
Checking for bad blocks in read-write mode
From block 0 to 295360984
done
Reading and comparing: done
Pass completed, 0 bad blocks found.
#

The -c option tests 10,240 blocks at a time. The -s option shows the progress of the scan by printing the block numbers as they are checked. The -w option scans for bad blocks by writing patterns (0xaa, 0x55, 0xff, 0x00) to every block of the device, then reading every block back and comparing the contents. The -t option specifies that each scanned block should instead be filled with a random bit pattern. The -v option selects verbose mode. The physical device (logical volume) is /dev/vg0/home.

This will take some time. On William Owen Smith's USB-attached 300Gb disk it took around 8 hours. Phase 1 will write random data to the disk, phase 2 will read it back and verify it.

Step 4b: (Optional) Fill the disk with random data

If you didn't do Step 4a (or you left out the -t random option), do Step 4b. This will take a long time, because generating good quality random data is very CPU intensive. However, this method is 'more random' (and more secure) than the primitive random number generator included in 'badblocks', above.

One minor advantage of the method in Step 4a above is that it has a progress indicator, while "dd" only reports its progress when it receives a USR1 signal ("kill -USR1 `pidof dd`").

# dd if=/dev/urandom of=/dev/vg0/home
(wait several hours...)
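The following POSIX shell script is an added example and is not part of the original HOWTO or of cryptsetup. It ties Step 4a and Step 4b together: it reads the device for /home out of /etc/fstab the way the text above does by hand, refuses to go on while /home is still mounted (both badblocks -w and dd overwrite the whole device, so a mounted filesystem would be destroyed), and prints, or with --run executes, the exact command from the chosen step. The SAMPLE_FSTAB and SAMPLE_MOUNTS text is constructed for the example; the function names (fstab_device, mounted_on, wipe_command, plan_wipe, dd_progress) and the --run interface are my own choices, and with no text argument the functions read the live /etc/fstab and /proc/mounts.

```sh
#!/bin/sh
# Added example, not part of the original HOWTO: wraps the Step 4 bookkeeping.
# fstab_device/mounted_on/wipe_command/plan_wipe/dd_progress are names chosen here.
# SAMPLE_FSTAB and SAMPLE_MOUNTS are constructed; with no text argument the
# functions read the live /etc/fstab and /proc/mounts instead.

SAMPLE_FSTAB='# constructed sample of /etc/fstab
/dev/mapper/vg0-root /     ext3 defaults 1 1
/dev/vg0/home        /home ext3 defaults 1 2
/dev/sda1            /boot ext3 defaults 1 2'

# /proc/mounts names an LVM volume by its mapper path, not the fstab path.
SAMPLE_MOUNTS='/dev/mapper/vg0-root / ext3 rw 0 0
/dev/mapper/vg0-home /home ext3 rw 0 0'

# fstab_device MOUNTPOINT [FSTAB_TEXT]: print the device column of the fstab
# entry for MOUNTPOINT (comments and short lines skipped); fail if none.
fstab_device() {
    printf '%s\n' "${2:-$(cat /etc/fstab)}" | awk -v mp="$1" '
        /^[[:space:]]*#/ || NF < 2 { next }
        $2 == mp { print $1; found = 1; exit }
        END { if (!found) exit 1 }'
}

# mounted_on MOUNTPOINT [MOUNTS_TEXT]: succeed if something is mounted there.
# Matching on the mount point sidesteps the fstab/mapper naming difference.
mounted_on() {
    printf '%s\n' "${2:-$(cat /proc/mounts)}" | awk -v mp="$1" '
        $2 == mp { found = 1 }
        END { if (!found) exit 1 }'
}

# wipe_command STEP DEVICE: the command the HOWTO gives for Step 4a or 4b.
wipe_command() {
    case $1 in
        4a) printf '/sbin/badblocks -c 10240 -s -w -t random -v %s\n' "$2" ;;
        4b) printf 'dd if=/dev/urandom of=%s\n' "$2" ;;
        *)  echo "unknown step: $1" >&2; return 1 ;;
    esac
}

# plan_wipe STEP MOUNTPOINT [FSTAB_TEXT] [MOUNTS_TEXT]: resolve the device,
# refuse while the mount point is in use (both commands overwrite the whole
# device, so a mounted filesystem would be destroyed), then print the command.
plan_wipe() {
    dev=$(fstab_device "$2" "$3") || { echo "no fstab entry for $2" >&2; return 1; }
    if mounted_on "$2" "$4"; then
        echo "$2 is still mounted; run: umount $2" >&2
        return 2
    fi
    wipe_command "$1" "$dev"
}

# dd_progress: Step 4b's dd prints its byte count only when it gets SIGUSR1.
dd_progress() { pid=$(pidof dd) && kill -USR1 "$pid"; }

# Usage: sh step4.sh 4a /home        (print the command only)
#        sh step4.sh 4b /home --run  (print it, then execute it)
case ${1-} in
    4a|4b)
        cmd=$(plan_wipe "$1" "$2") || exit $?
        echo "$cmd"
        [ "${3-}" = "--run" ] && $cmd
        ;;
esac
```

Running it without --run is a dry run that shows which device would be overwritten, which is worth a look before the multi-hour write starts; the mounted check is the part most worth keeping even if you type the commands by hand.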