[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Encrypting DVD:s and CD:s
Thanks.. I'll take a look at that.
Jari Ruusu wrote:
> Gabriel Jägenstedt wrote:
>
>>I have the following line in fstab.
>>/dev/hdc /mnt/secure iso9660
>>ro,user,noauto,loop=/dev/loop11,encryption=AES256,gpgkey=/etc/keys/cd_dvdkey.gpg
>>
>>What I want is basicly a simple way to encrypt stuff that is off my
>>drive. I'm sure it is possible to do it in some way writing a simple
>>script and having one file on the disc but I can't help think there is a
>>better way.
>
>
> Each CD and DVD must have its own key file. If you use same key file for
> multiple file systems, you start getting identical ciphertext blocks, which
> is bad for security.
>
> aespipe README example 3.3. shows how to encrypt CDs. It puts a key file at
> beginning of the CD and specifies offset for encrypted data. If you want to
> be able to change passphrase afterwards, then encrypt the key file using gpg
> public-key crypto. Changing gpg private-key passphrase changes your CD/DVD
> mount passphrase.
>
> http://loop-aes.sourceforge.net/aespipe.README
>
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/