Archive for the 'distros' Category

16 GB encrypted candy file

Date: May 5, 2010. Categories: backup, centos, debian, distros, docs, fedora, hacks, linux, shell and ubuntu. Comments

Update: as far as cryptoloop is vulnerable and is not maintained I don’t recommend using below approach for creating encrypted for for those of you who require strong security. Use truecrypt to create encrypted filesystem within a file instead.

passwords.txtToday it came to my mind that it is time to make sensitive information stored on my usb flash drive encrypted but still transportable and easy to use. But I don’t want to have whole my 32 GB usb drive fully encrypted using truecrypt or something similar. It is just toooo slow. I also don’t want to use GPG for uncompressing files and directories every time I would like to read them and then create new GPG compressed file every time I save changes. This eats too much of my time and system resources. At the same time it is necessary to be able to use that usb drive under windows, mac, linux whatever (read/write files) but still have my directory structure with sensitive files encrypted. Here is the solution: create encrypted filesystem within a file named, say, 16GB.candy.bin that could be stored on regular windows formatted usb flash drive and then mounted under Linux using the password.

When it becomes necessary I can mount that 16GB.candy.bin as the regular ext3 filesystem with all those stuff like permissions, ownership etc. that is available on ext3 but not in FAT or NTFS. On my windows formatted flash drive candy takes only 16 GB so I can use the rest of space to store not so sensitive information like mp3, movies or photos. Moreover I on windows or linux to read it.

Let’s create that 16GB.candy.bin file with encrypted ext3 filesystem (read below explanations below carefully before just to copy/paste commands into CLI):

[root@artemn root]# cd /path/to/candy/

[root@artemn root]# modprobe cryptoloop

[root@artemn root]# modprobe aes

[root@artemn root]# dd if=/dev/urandom of=16GB.candy.bin bs=1048576 count=16000

[root@artemn root]# losetup -e aes /dev/loop0 16GB.candy.bin

[root@artemn root]# mkfs.ext3 /dev/loop0

[root@artemn root]# tune2fs -i 0 -c 0 /dev/loop0

Here are some points: using above commands we create encrypted file of 16 GB so if you need to have more or less just change “count=16000″ in dd line. “count=16000″ means 16GB so “count=20″ means 20MB. Path ‘/path/to/candy/’ is for example only so you should change it to real directory that is able to host encrypted file (16 GB in above example). Command losetup is present in most Linux distributions (btw I recommend Ubuntu especially newly released Lucid Lynx) but if it is not use your disro’s packet manager to install it or compile from sources (for super geeks only, Mr. Stallman if you read this article — Hello). Reader, you can replace “/dev/urandom” in dd line with “/dev/zero” that will make that command to finish faster but will lower security level of resulting file (read about AES for better understanding). You will need to enter the password when running losetup command so make sure it safe and long enough like ‘6U2sAsR37Hn8122dGsaPrew1twt’ but not ‘abc123′ or ‘iloveyou’.

Once commands are done you will get 16GB.candy.bin containing encrypted ext3 filesystem. You can store this file where ever you want, say, on a flash drive. If you loose it nobody won’t be able to open it until he (or she!) cracked AES encryption (use long passwords to prevent this). As the next step it is required to mount filesystem and store some files/directories in it:

[root@artemn root]# mkdir -p /mnt/candy

[root@artemn root]# cd /path/to/candy/

[root@artemn root]# mount -t ext3 -o loop,encryption=aes 16GB.candy.bin /mnt/candy

[root@artemn root]# cd /mnt/candy

[root@artemn root]# #save files, edit them, view or anything you want

[root@artemn root]# cd /

[root@artemn root]# umount /mnt/candy

When you unmount 16GB.candy.bin the changes are already saved there so it’s not required to compress and encrypt anything unlike with GPG.

P.S. This post is inspired by Loopback tricks article. Thanks to the author. Good luck!

Google Chromium OS!

Date: November 20, 2009. Categories: distros, google and news. Comment

Today Google has announced operating system Google Chromium OS. It still not ready to end users as is under deep development but now everyone can see its concepts, benefits and nature. Astonishing news as for me. There were a lot of rumors about Google OS (gos) before it was presented to the public in real. Now it’s clear that the most promising OS these days is based on Linux kernel. Let’s see what Google just have presented in details:

  1. All apps are web apps. The entire experience takes place within the browser and there are no conventional desktop applications. This means users do not have to deal with installing, managing and updating programs.

  2. Because all apps live within the browser, there are significant benefits to security. Unlike traditional operating systems, Chrome OS doesn’t trust the applications you run. Each app is contained within a security sandbox making it harder for malware and viruses to infect your computer. Furthermore, Chrome OS barely trusts itself. Every time you restart your computer the operating system verifies the integrity of its code.

  3. We are obsessed with speed. We are taking out every unnecessary process, optimizing many operations and running everything possible in parallel. This means you can go from turning on the computer to surfing the web in a few seconds.

  4. Chromium OS User Interface Concepts (video)

    5. Chromium OS screenshot

  5. Design Documents: Software Architecture, Security Overview

VMware Virtual Machine with Chromium OS can be found here (torrent).

GIMP to be removed from Ubuntu?

Date: November 19, 2009. Categories: applications, distros, linux and ubuntu. 11 Comments

This could be an outstanding news by its significance. The next version of Ubuntu (Lucid Lynx or Ubuntu 10.04) won’t include GIMP (GNU Image Manipulation Program) by default due to its user interface that is too complex… What a #@^*?

Actually complex UI is not the only decision why GIMP should be vanished from Ubuntu so here is the full list:

  • the general user doesn’t use it
  • its user-interface is too complex
  • it’s an application for professionals
  • desktop users just want to edit photos and they can do that in F-Spot
  • it’s a photoshop replacement and photoshop isn’t included by default in Windows…
  • it takes up room on the disc

(taken from here)

Still sounds like fresh nonsense? What about F-Spot as a replacement? Well, an average user most probably claim that above mentioned reasons are true. Maybe that’s why GIMP already dropped from latest Fedora 12. But what should do people who use GIMP every day and loves Ubuntu???

Just execute ‘sudo aptitude install gimp:)

Distribution of the week: BackTrack — Network Security Suite

Date: March 5, 2009. Categories: distros, links and linux. Comments

BackTrack is Live distribution for penetration and security tests. This is how its developers describe it. But there are plenty of tools, utilities, programs behind this brief description. Let’s dig into.

BackTrack logo

This distribution started from the merge of two ones: WHAX (or Whoppix) and Auditor Security Collection (the swiss army knife for security assessments). The latest stable version (BackTrack 3) contains more than 300 tools (including such monsters as wireshark, nmap, hping and others) which will be appreciated by every security professional. All tools are categorized into:

1. Information gathering
2. Network Mapping
3. Vulnerability Identification
4. Penetration
5. Privilage Escalation
6. Maintaining Access
7. Covering Tracks
8. Radio Network Analysis (Wi-Fi and Bluetooth)
9. VoIP and Telephony Analysis
10. Digital Forensics
11. Reverse Engineering

The full list of tools with descriptions you can find at official BackTrack wiki, screenshots and documentation are here.

Download Now: CD Image, USB Image. More?

Speedlinks – 29 December, 2008

Date: December 29, 2008. Categories: applications, distros, links and news. Comments

1. Linux kernel 2.6.28 was officially released at 28 Dec, 2008: ext4, graphics execution manager (GEM), TAINTed_CRAP. See First Look by arstechnica.com.

P.S. Linus “almost Santa” Torvalds’ announcement is definitely worth reading:

Listen to the cheerful grinding of your harddisk as you reboot into an all-new kernel – and I’m sure that if your computer could smile, it would have a big silly grin on its non-existent face. So as you sit there in your basement, give your computer the holiday cheer too.

2. Top 10 Coolest Open Source Applications in 2008. Well, good reading in New Year Eve.

3. Bootable FSF membership cards: USB flash drive comes with pre-installed gNewSense 2.1.

4. Sabayon Linux 4.0 is realeased (smart Gentoo based distro): 25% boot speed gain, 8500 applications, ext4, KDE 4.1.3, Gnome 2.24.2, OpenOffice.org 3.0, Firefox 3.0 and more…

5. Pidgin 2.5.3 is out. Best GTK based instant messenger is ready for downloading. Changelog.

« Previous Entries
Pages: 1 2 3 4 5 Next
Friendly Sites:Who is behind Linux Screw?
GeekyBits³ | Bash Cures Cancer | OMG! Ubuntu!
My SysAd Blog | Web Upd8
ZEPY | Linux config Wiki | Planet Sysadmin
a non-geek's linux notes | Linux Today
Linux HOWTOs, Tutorials & Projects with Adam Palmer | LinuxAlt.Com
 My name is Artem N. (artiomix AT gmail DOT com) and I'm Linux/Unix, Cisco systems engineer. The main idea of Linux Screw is to share relevant knowledge, skills and observations over The Web. Here you can find a lot of information related to different Linux distributions, FreeBSD, IOS as well as a other Open Source around staff. Read more ››