[Remops] Encrypting Remailer filesystem

SEC3 pinger-admin at sec3.net
Mon May 27 00:26:57 BST 2019


On Sun, May 26, 2019 at 08:14:53PM +0200, Stefan Claas wrote:
> Grant Taylor wrote:
> 
> Hi Grant,
> 
> >  From memory, here's what I did.
> > 
> > 1)  Created a new virtual disk for my VPS.
> > 2)  Used cryptsetup to encrypt said disk.
> > 3)  Used cryptsetup luksOpen to open the encrypted disk and make it 
> > accessible.
> > 4)  Formatted the accessible encrypted disk.
> > 5)  Mounted the formatted encrypted disk somewhere.  (/var/LUKS for
> > this discussion)
> > 6)  Created symbolic links from the directories that I wanted to be 
> > encrypted to their counterpart on the encrypted file system.  I.e.:
> >         /home -> /var/LUKS/home
> >         /etc/mail -> /var/LUKS/mail
> > 7)  I don't remember if I did anything special for shutdown or just
> > let init scripts handle it.
> > 8)  I have a script that I manually run after boot that does the 
> > cryptsetup luksOpen, mounts the decrypted device, and starts services 
> > that depend on things on the encrypted file system.
> > 
> > It's not graceful.  But it has been stable across many reboots for ~5
> > years.
> > 
> > It also means that an offline copy of the data that I care about is 
> > going to be difficult to get to.
> > 
> > If I were to (when I do) do this again, I'd look into the state of 
> > encrypted disk support in operating systems & init scripts.  I think 
> > more have better support (as in greater than zero) for things.
> > 
> > Aside:  I think I like encrypted block devices with file systems on
> > top of them better than things that encrypt files on top of a regular 
> > unencrypted file system.
> > 
> > Regarding swap:  According to crypttab's man page, there are options
> > to have the system create random keys to (re)encrypt and remake swap
> > on each boot.  Thus your swap partition has different encryption each
> > boot. The rotation isn't as important as having encrypted swap.
> > However, having encrypted swap makes it more difficult to diagnose
> > things that rely on dumps to swap.  But, choose what's important for
> > steady state (encrypted swap) vs debugging (unencrypted swap or
> > predictable key).
> 
> Oh, a lot of infos! :-)
> 
> IIRC Zax's instructions were much shorter. Hopefully he still
> reads the list and can give some input too!
> 
> Regards
> Stefan


Hi Stefan & Grant,

This subject at one time was of great interest to me. I made note of the
discussion on APA-S, back in 2014. Here it is:

<https://groups.google.com/forum/message/raw?msg=alt.privacy.anon-server/stJi0CCkz44/oomq2VaCkYMJ>

Zax therein describes protecting his secring.mix key with a small encrypted partition using
cryptsetup.

Hope this helps, Stefan. If this is your first time working with partitions on
your VPS you will want to proceed with caution. Make backups. Maybe wait til Zax
replies to this and he could advise you further.


-- 
SEC3
Contact information at <https://sec3.net>
I am also on Keybase <https://keybase.io/sec3>


More information about the Remops mailing list