FDE Linux, Ubuntu.

Discussion in 'privacy technology' started by Taliscicero, Sep 25, 2010.

Thread Status:
Not open for further replies.
  1. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Can Truecrypt do FDE on Linux Ubuntu?

    I cant see an option for this in the GUI, If it cant then please recommend some programs that will. I would be most interested to see what you guys have to say :)
     
  2. box750

    box750 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    260
    To the best of my knowledge, Truecrypt can not do FDE on Linux, it is very ironic that an open source project has more features in Windows than in Linux, it does not precisely encourage users to swap their Windows operating system for Linux, but that is how it is.

    I heard of dm-crypt for full disk encryption in Linux but I can not tell you how it works, never done it myself.
     
  3. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    I've set up a couple Ubuntu Lucid x64 servers as follows.

    • install at least three hard drives (e.g., four 1 TB 7.2 Krpm WD RE3 or Barracuda ES SATAs)
    • Use the server ISO (can add GNOME desktop later if desired)
    • choose manual partitioning
    • create 100 MB partition at the beginning of each drive, marked for RAID
    • create ~1 TB logical partition on each drive, using remaining space, marked for RAID
    • create RAID5 array using the 100 MB partitions (md0) -- this will be /boot
    • create RAID5 array using the ~1 TB partitions (md1), marked for encryption
    • configure encryption on md1, and mark encrypted volume for LVM
    • create logical volume for swap (ca. twice system memory) as type swap
    • create logical volume for root (ca. 20-30 GB) as type ext4
    • create logical volume for home using remaining space as type ext4
    • go back to md0, and mark it as bootable, with type ext4
    • finish installation
    I just wrote that from memory, and welcome comments/corrections.

    PS: With four 1 TB 7.2 Krpm WD RE3 SATAs:
    • md0 reads at 336 MBps (207 MBps to 5.8 GBps)
    • md1 reads at 228 MBps (142-259 MBps)
     
    Last edited: Sep 25, 2010
  4. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Haha, I'm not looking for a complicated solution even though your method seems interesting, its just a simple 250GB laptop on a x64bit system. :)

    Yeah, It sucks that truecrypt cant, i was shocked when i could not find the FDE selection.
     
  5. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    OK, just ignore the RAID part. The key point is that there's a separate boot partition that doesn't get encrypted and managed by LVM.
     
Loading...
Thread Status:
Not open for further replies.