Re: [Fsuk-manchester] Follow-up: MFS Meeting. (at PLANT NOMA) Tue, 17 July. "CryptoPractical"

[Michael Dorrington]

On 21/07/18 18:19, Michael Dorrington wrote:
> On 12/07/18 08:46, Michael Dorrington wrote:
> 
>> * Event: Manchester Free Software's July Meeting
>>
>> * Talk: CryptoPractical
>> * Speaker: Michael Dorrington
> 
> Exercises (and feel free to ask for help on the MFS mailinglist):
> 
> 1. Set up an encrypted USB stick using LUKS.
> 
> Some things to keep in mind:
> 
> a) Triple check you are messing with the right block ("disk") device.
> Commands like `lsblk` and `lsblk --scsi` help here.
> 
> b) Fill the disk/block device with random data first, something like:
> 
> dd bs=1M if=/dev/urandom of=/dev/sdKNOWWHATYOUAREDOING

The Debian Reference manual has details how to do this in "Chapter 9.
System tips" under "9.8.1. Removable disk encryption with
dm-crypt/LUKS".  In this they use `badblocks` with random test pattern
instead of the above `dd` with urandom.  The badblocks command has the
advantage that it checks that the data written to the disk is the same
as that read back, particularly worth doing with USB sticks.  However,
I'm not sure the randomness is sufficiently random.  Advanced question,
how random is the "random" test pattern in badblocks, particularly
compared to urandom?

They also use the new cryptsetup syntax of "open --type luks" rather
than "luksOpen".

See:

https://www.debian.org/doc/manuals/debian-reference/ch09.en.html#_removable_disk_encryption_with_dm_crypt_luks

The Debian Reference manual is worth checking out.  It has been packaged
too, see: https://packages.debian.org/debian-reference-en

M.

-- 
FSF member #9429
http://www.fsf.org/register_form?referrer=9429
http://www.fsf.org/about
"The Free Software Foundation (FSF) is a nonprofit with a worldwide
mission to promote computer user freedom and to defend the rights of all
free software users."

signature.asc
Description: OpenPGP digital signature