[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fsuk-manchester] Follow-up: MFS Meeting. (at PLANT NOMA) Tue, 17 Ju

From: Michael Dorrington
Subject: Re: [Fsuk-manchester] Follow-up: MFS Meeting. (at PLANT NOMA) Tue, 17 July. "CryptoPractical"
Date: Fri, 27 Jul 2018 08:47:44 +0100
User-agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1

On 21/07/18 18:19, Michael Dorrington wrote:
> On 12/07/18 08:46, Michael Dorrington wrote:
>> * Event: Manchester Free Software's July Meeting
>> * Talk: CryptoPractical
>> * Speaker: Michael Dorrington
> Exercises (and feel free to ask for help on the MFS mailinglist):
> 1. Set up an encrypted USB stick using LUKS.
> Some things to keep in mind:
> a) Triple check you are messing with the right block ("disk") device.
> Commands like `lsblk` and `lsblk --scsi` help here.
> b) Fill the disk/block device with random data first, something like:
> dd bs=1M if=/dev/urandom of=/dev/sdKNOWWHATYOUAREDOING

The Debian Reference manual has details how to do this in "Chapter 9.
System tips" under "9.8.1. Removable disk encryption with
dm-crypt/LUKS".  In this they use `badblocks` with random test pattern
instead of the above `dd` with urandom.  The badblocks command has the
advantage that it checks that the data written to the disk is the same
as that read back, particularly worth doing with USB sticks.  However,
I'm not sure the randomness is sufficiently random.  Advanced question,
how random is the "random" test pattern in badblocks, particularly
compared to urandom?

They also use the new cryptsetup syntax of "open --type luks" rather
than "luksOpen".



The Debian Reference manual is worth checking out.  It has been packaged
too, see: https://packages.debian.org/debian-reference-en


FSF member #9429
"The Free Software Foundation (FSF) is a nonprofit with a worldwide
mission to promote computer user freedom and to defend the rights of all
free software users."

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]