[Remops] Encrypting Remailer filesystem

Stefan Claas sac at 300baud.de
Sun May 26 19:14:53 BST 2019 

Grant Taylor wrote:

Hi Grant,

>  From memory, here's what I did.
> 
> 1)  Created a new virtual disk for my VPS.
> 2)  Used cryptsetup to encrypt said disk.
> 3)  Used cryptsetup luksOpen to open the encrypted disk and make it 
> accessible.
> 4)  Formatted the accessible encrypted disk.
> 5)  Mounted the formatted encrypted disk somewhere.  (/var/LUKS for
> this discussion)
> 6)  Created symbolic links from the directories that I wanted to be 
> encrypted to their counterpart on the encrypted file system.  I.e.:
>         /home -> /var/LUKS/home
>         /etc/mail -> /var/LUKS/mail
> 7)  I don't remember if I did anything special for shutdown or just
> let init scripts handle it.
> 8)  I have a script that I manually run after boot that does the 
> cryptsetup luksOpen, mounts the decrypted device, and starts services 
> that depend on things on the encrypted file system.
> 
> It's not graceful.  But it has been stable across many reboots for ~5
> years.
> 
> It also means that an offline copy of the data that I care about is 
> going to be difficult to get to.
> 
> If I were to (when I do) do this again, I'd look into the state of 
> encrypted disk support in operating systems & init scripts.  I think 
> more have better support (as in greater than zero) for things.
> 
> Aside:  I think I like encrypted block devices with file systems on
> top of them better than things that encrypt files on top of a regular 
> unencrypted file system.
> 
> Regarding swap:  According to crypttab's man page, there are options
> to have the system create random keys to (re)encrypt and remake swap
> on each boot.  Thus your swap partition has different encryption each
> boot. The rotation isn't as important as having encrypted swap.
> However, having encrypted swap makes it more difficult to diagnose
> things that rely on dumps to swap.  But, choose what's important for
> steady state (encrypted swap) vs debugging (unencrypted swap or
> predictable key).

Oh, a lot of infos! :-)

IIRC Zax's instructions were much shorter. Hopefully he still
reads the list and can give some input too!

Regards
Stefan

More information about the Remops mailing list