[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Pam_mount and encrypted filesystem keys
I have been working a lot on Elvis Pfützenreuter's pam_mount PAM module.
This module allows one to mount, among other things, loopback encrypted
filesystems at login time. The module makes it easy for a user to have
an encrypted home directory. The module is available at
http://www.flyn.org but is not quite ready for prime time.
I recently added the concept of an encrypted filesystem key, similar to
that which loop-AES uses. For example, given:
sk
system key, the key or password used to log into the system
fsk
filesystem key, the key that allows you to use the filesystem
you wish pam_mount to mount for you
E and D
an openssl supported synchronous encryption/decryption algorithm
efsk
encrypted filesystem key, efsk = E_sk (fsk), stored somewhere
on the local filesystem (ie: /home/user.key)
Pam_mount will read efsk from the local filesystem, perform
fsk = D_sk (efsk) and use fsk to mount the filesystem. If you change
your system password, simply regenerate efsk using efsk = E_sk (fsk).
Does this technique appear to make sense from a security point of view?
I am using the following technique to create encrypted volumes with a
random key, encrypted with the user's system password and stored on the
local filesystem:
a. dd if=/dev/urandom of=/home/user.img bs=1M count=<image size in MB>
b. dd if=/dev/urandom bs=1c count=<keysize / 8> | openssl enc \
-<fs key cipher> > /home/user.key
Encrypt this file using the user's login password as the key.
c. openssl enc -d -<fs key cipher> -in /home/user.key | losetup -e aes \
-k <keysize> -p0 /dev/loop0 /home/user.img
d. mkfs -t ext2 /dev/loop0
...
n - 1. umount /dev/loop0
n. losetup -d /dev/loop0
Again, does this technique also make sense?
--
Mike
:wq
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/