Search Results

Search found 2089 results on 84 pages for 'symmertric encryption'.

Page 16/84 | < Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >

  • MVC 2 AntiForgeryToken - Why symmetric encryption + IPrinciple?

    - by Brad R
    We recently updated our solution to MVC 2, and this has updated the way that the AntiForgeryToken works. Unfortunately this does not fit with our AJAX framework any more. The problem is that MVC 2 now uses symmetric encryption to encode some properties about the user, including the user's Name property (from IPrincipal). We are able to securely register a new user using AJAX, after which subsequent AJAX calls will be invalid as the anti forgery token will change when the user has been granted a new principal. There are also other cases when this may happen, such as a user updating their name etc. My main question is why does MVC 2 even bother using symmetric encryption? Any then why does it care about the user name property on the principal? If my understanding is correct then any random shared secret will do. The basic principle is that the user will be sent a cookie with some specific data (HttpOnly!). This cookie is then required to match a form variable sent back with each request that may have side effects (POST's usually). Since this is only meant to protect from cross site attacks it is easy to craft up a response that would easily pass the test, but only if you had full access to the cookie. Since a cross site attacker is not going to have access to your user cookies you are protected. By using symmetric encryption, what is the advantage in checking the contents of the cookie? That is, if I already have sent an HttpOnly cookie the attacker cannot override it (unless a browser has a major security issue), so why do I then need to check it again? After having a think about it it appears to be one of those 'added layer of security' cases - but if your first line of defence has fallen (HttpOnly) then the attacker is going to get past the second layer anyway as they have full access to the users cookie collection, and could just impersonate them directly, instead of using an indirect XSS/CSRF attack. Of course I could be missing a major issue, but I haven't found it yet. If there are some obvious or subtle issues at play here then I would like to be aware of them.

    Read the article

  • swapon --all --verbose : 'read swap header failed: Invalid argument'

    - by user66088
    Recently ran through EnableHibernateWithEncryptedSwap and ran the following command: swapon --all --verbose and received: 'read swap header failed: Invalid argument' How do I fix this? Here's some more pertinent output... Output of sudo fdisk -l: Disk /dev/sda: 80.0 GB, 80026361856 bytes 255 heads, 63 sectors/track, 9729 cylinders, total 156301488 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00006d20 Device Boot Start End Blocks Id System /dev/sda1 * 2048 499711 248832 83 Linux /dev/sda2 501758 156301311 77899777 5 Extended /dev/sda5 501760 156301311 77899776 8e Linux LVM Disk /dev/mapper/ubuntu--t10194-root: 75.5 GB, 75539415040 bytes 255 heads, 63 sectors/track, 9183 cylinders, total 147537920 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Disk /dev/mapper/ubuntu--t10194-root doesn't contain a valid partition table Disk /dev/mapper/ubuntu--t10194-swap_1: 4227 MB, 4227858432 bytes 255 heads, 63 sectors/track, 514 cylinders, total 8257536 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x08040000 Disk /dev/mapper/ubuntu--t10194-swap_1 doesn't contain a valid partition table Disk /dev/mapper/cryptswap1: 4225 MB, 4225761280 bytes 255 heads, 63 sectors/track, 513 cylinders, total 8253440 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0xd2236983 Disk /dev/mapper/cryptswap1 doesn't contain a valid partition table Thanks for any and ALL help!

    Read the article

  • Reality behind wireless security - the weakness of encrypting

    - by Cawas
    I welcome better key-wording here, both on tags and title, and I'll add more links as soon as possible. For some years I'm trying to conceive a wireless environment that I'd setup anywhere and advise for everyone, including from big enterprises to small home networks of 1 machine. I've always had the feeling using any kind of the so called "wireless security" methods is actually a bad design. I'm talking mostly about encrypting and pass-phrasing (which are actually two different concepts), since I won't even considering hiding SSID and mac filtering. I understand it's a natural way of thinking. With cable networking nobody can access the network unless they have access to the physical cable, so you're "secure" in the physical way. In a way, encrypting is for wireless what walling (building walls) is for the cables. And giving pass-phrases is adding a door with a key. But the cabling without encryption is also insecure. Someone just need to plugin and get your data! And while I can see the use for encrypting data, I don't think it's a security measure in wireless networks. As I said elsewhere, I believe we should encrypt only sensitive data regardless of wires. And passwords should be added to the users, always, not to wifi. For securing files, truly, best solution is backup. Sure all that doesn't happen that often, but I won't consider the most situations where people just don't care. I think there are enough situations where people actually care on using passwords on their OS users, so let's go with that in mind. For being able to break the walls or the door someone will need proper equipment such as a hammer or a master key of some kind. Same is true for breaking the wireless walls in the analogy. But, I'd say true data security is at another place. I keep promoting the Fonera concept as an instance. It opens up a free wifi port, if you choose so, and anyone can connect to the internet through that, without having any access to your LAN. It also uses a QoS which will never let your bandwidth drop from that public usage. That's security, and it's open. And who doesn't want to be able to use internet freely anywhere you can find wifi spots? I have 3G myself, but that's beyond the point here. If I have a wifi at home I want to let people freely use it for internet as to not be an hypocrite and even guests can easily access my files, just for reading access, so I don't need to keep setting up encryption and pass-phrases that are not whole compatible. I'll probably be bashed for promoting the non-usage of WPA 2 with AES or whatever, but I wanted to know from more experienced (super) users out there: what do you think? Is there really a need for encryption to have true wireless security?

    Read the article

  • A way for an Upstart event to be sent whenever ecryptfs homedir mounted/unmounted?

    - by David Olivier
    I have an encrypted homedir (ecryptfs) and I'm wanting to run a private mysql daemon with the database files in my homedir. The daemon should be started whenever the homedir is mounted, and stopped before the homedir is unmounted. It seems I have to write an Upstart script, which doesn't seem too hard; the problem is triggering it. Is there already any Upstart event that is sent on these occasions? Or must I insert an "initctl emit" somewhere? Where? It seems the encrypted homedir is mounted whenever I either open my GUI session or ssh to my account. Is there a common place in these two processes where I might insert code? (I don't want to patch and compile any C code, just insert maybe a few lines somewere.) David

    Read the article

  • Using portable Mode for true crypt for crypting Portable HDD , USB etc

    - by Gaurav_Java
    I was wondering how to encrypt my external HDD so that my data would be safe AND accessible from any OS platform (Windows and Linux). So I went through many posts and forums and found out the best thing was to use true crypt. I went along with this post and encrypt my USB drive. When inserted that, Windows didn't recognize it. Then I followed another post that said to install truecrypt. The thing is : How can i use traveler disk setup in Ubuntu (Option not found)? Install truecrypt in USB so that i can *mount my USB or HDD on any other OS? If there is no solution for the upper two, then is there any other software which I can use to encrypt an USB device so that it can be accessed from any OS?

    Read the article

  • how to set owner and permission to a cryptsetup made device?

    - by Antoine Rodriguez
    I have an encrypted loopback volume. I need to mount and umount manually the volume so I use cryptsetup luksOpen and cryptsetup luksClose . However, When I invoke this command it pops up the /dev/mapper device under all the sessions under gnome/xfce/kde/unity ... And then it let the user to mount (with password), expulse and unmount the volume. It's quite annoying in a multi user server (you are working on your files and the volume is being unmounted). How can I define ownership and permission on the device ? I've tried chown and chmod approach witch gives nothing. Cryptsetup doesn't have any options that let you do that. crypttab auto mount the filesystem on boot witch is unwanted (only manual mount)

    Read the article

  • No space on device

    - by user170810
    Today I tried to move a huge directory to a common directory for 2 users. I first tried to change the permissions of my home directory. So something happened with my ~/.private directory and the disk was full! I have a 2 TB disk. I cannot make a backup, I cannot even enter graphics mode. Please help. Are there a way to restore my contents without making backup? Even creating ~/Private is impossible -- "no space on the device". I have no Private, and don't tell me that I have erased it, because it is not true. Are there some utilities to restore the files and make them not encrypted?

    Read the article

  • Sharing my home folders with other users on the same PC

    - by Stephen Myall
    After reviewing similar questions on the same subject Im still none the wiser. I want to share my music, pictures and video folders with other users on my pc. I am using 11.10 and will be upgrading to 12.04. The method I have tried is to right click on the folder (as Administrator), select "Sharing Options" check all the necessary fields and give the share a name like "music-shared". Another dialog pops up then and I select "Set nautilus Permissions". When the other user logs on they go to their Home folder click on the network and can see the "music-shared" folder, but they get a message that the do not have the necessary permissions to view the content. Im sure I'm missing something simple. My Home folder is encrypted and i am willing to unencrypt to make this work Unlike other questions on this site, I dont have a partition etc. i would be grateful for any help.

    Read the article

  • The HTG Guide to Hiding Your Data in a TrueCrypt Hidden Volume

    - by Jason Fitzpatrick
    Last week we showed you how to set up a simple, but strongly encrypted, TrueCrypt volume to help you protect your sensitive data. This week we’re digging in deeper and showing you how to hide your encrypted data within your encrypted data. The HTG Guide to Hiding Your Data in a TrueCrypt Hidden Volume Make Your Own Windows 8 Start Button with Zero Memory Usage Reader Request: How To Repair Blurry Photos

    Read the article

  • Encrypted home breaks on login

    - by berkes
    My home is encrypted, which breaks the login. Gnome and other services try to find all sorts of .files, write to them, read from them and so on. E.g. .ICEauthority. They are not found (yet) because at that moment the home is still encrypted. I do not have automatic login set, since that has known issues with encrypted home in Ubuntu. When I go trough the following steps, there is no problem: boot up the system. [ctr][alt][F1], login. run ecryptfs-mount-private [ctr][alt][F7], done. Can now login. I may have some setting wrong, but have no idea where. I suspect ecryptfs-mount-private should be ran earlier in bootstrap, but do not know how to make it so. Some issues that may cause trouble: I have a fingerprint reader, it works for login and PAM. I have three keyrings in seahorse, containing passwords from old machines (backups). Not just one. Suggestion was that the PAM settings are wrong, so here are the relevant parts from /etc/pam.d/common-auth. # here are the per-package modules (the "Primary" block) auth [success=3 default=ignore] pam_fprintd.so auth [success=2 default=ignore] pam_unix.so nullok_secure try_first_pass auth [success=1 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass # here's the fallback if no module succeeds auth requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around auth required pam_permit.so # and here are more per-package modules (the "Additional" block) auth optional pam_ecryptfs.so unwrap # end of pam-auth-update config I am not sure about how this configuration works, but ut seems that maybe the*optional* in auth optional pam_ecryptfs.so unwrap is causing the ecryptfs to be ignored?

    Read the article

  • How to revoke gnupg public key without private key?

    - by danijelc
    Long story short I have an key generated with seahorse and mistakenly deleted it from my system. I do remember passphrase but I don't have this key anywhere on my system. Scanned trough Ask Ubuntu but couldn't find any aplicabile solution on similar issue. However public key is still updated on keyring servers and I would like to revoke it. Since I have no revocation certificate and I can't get hold of private key (only public key is available from keyservers which I imported to seahorse) I have no idea how to accomplish it. Spent some time searching for solution acros net, various manuals and so on, but so far no luck. gpg --list-secret-keys - returns no output at all. gpg --list-keys - returns public key info gpg --gen-revoke *user-id* - returns - gpg: secret key *user-id* not found: eof gpg (GnuPG) version 1.4.11. Anyone able to suggest a solution?

    Read the article

  • How do I encrypt the source code on the webserver?

    - by Ashin k n
    I have a web application developed using Python, HTML, CSS & JavaScript. The customer installs it in any of their own Machine and uses it through their LAN. In short the customer sets up the webserver in any of their own machine. Since its a web application, all the source code is open for the customer in the document root directory of webserver. I want to encrypt the whole source code in the document root directory in such a way that it should not effect the working of the web application. Is there is any way to encrypt the Python, HTML, CSS & JavaScript for this purpose.

    Read the article

  • Auto-mount filesystems on boot fails (12.10)

    - by Joshua Pruitt
    I have a Compaq HP 8200 slim desktop running 12.10 with encrypted partitions (set up with the text-based installer). Everything's working fine, except... When I boot the computer, my /boot and /boot/efi directories refuse to mount automatically. I'm dropped to the root console, where I must enter 'mountall -v', and everything then continues on just fine. This was happening under 12.04. I've recently upgraded to 12.10, and the problem persists. Except now, in addition to /boot and /boot/efi not mounting, roughly 50% of the time /var will not be auto-mounted as well (and again, 'mountall -v' fixes allows me to boot and move on). I'm puzzled about this one. Running 'fsck' doesn't seem to do anything (the filesystems aren't damaged anyway). What can I try to solve this issue? Here's my /etc/fstab: http://paste.ubuntu.com/1338508/ Thanks in advance!!! Addendum: I have tried changing the entries in fstab from UUIDs to the actual devices, to no avail.

    Read the article

  • Swap is encrypted or not?

    - by Abhijit Navale
    I selected to encrypt home folder while install lubuntu 12.10 (64 bit) But after that 'sometimes' I get error that can not find /dev/mapper/cryptswap1 wait for mount or cancel at slpash screen. It then start the lubuntu without any problem. If i do sudo blkid | grep swap [sudo] password for abhijit: /dev/mapper/cryptswap1: UUID="fce3ef14-a9c6-45ac-81f5-18ff415851b0" TYPE="swap" That means swap is encrypted. But if i go to gparted it shows unknown partition with red exclamation mark for swap.

    Read the article

  • How can I disable Hibernate completely?

    - by Lekensteyn
    I have seen the answer on How to disable hibernating?, but I have no such file. Possibly because that suggestion was written for Ubuntu, not Kubuntu (KDE, not Gnome). I do not have a swap on my encrypted SSD, my system freezes (cannot even change Caps Lock) if I accidentally press the "Hibernate" button at "Energy management". My keyboard has a Hibernate button (Fn + F4) next to the volume control buttons and every time I press the wrong key, the system will freeze after. So, what is the correct way to disable it? If there is no solution, a work-around is welcome too.

    Read the article

  • How do create an encrypted system with multiple Linux distributions?

    - by niels
    A few weeks ago I created a completely encrypted system on a notebook and must say I like the idea. It's a little bit annoying to enter the password on every boot, but it's nice to know even if I loose the computer I don't give my data to other people. With the alternate-cd it's easy to do. Now I have to setup a new system where I want to combine the new idea with my usual usage strategy. There I have more partitions: 3 system, Home, Different Data-Partitions for vm-data, photo-data and mp3-data. The background is that I prefer not to update a system. I prefer to install the new version parallel to the old system. So I can easily test it. Obviously the Data-Partitions are used for both systems. My questions is, how can I easily combine both my strategy and the crypto-approach? Or is it impossible. The way to do the crypted stuff by hand is in my eyes to complicated.

    Read the article

  • Encrypted home won't mount automatically nor with ecryptfs-mount-private

    - by Patrik Swedman
    Up until recently my encrypted home worked great but after a reboot it didn't mount itself automatically and when I try to mount it manually I get a mount error: patrik@patrik-server:~$ ecryptfs-mount-private Enter your login passphrase: Inserted auth tok with sig [9af248791dd63c29] into the user session keyring mount: Invalid argument patrik@patrik-server:~$ I've also tried with sudo even though that shouldn't be necesary: patrik@patrik-server:/$ sudo ecryptfs-mount-private [sudo] password for patrik: Enter your login passphrase: Inserted auth tok with sig [9af248791dd63c29] into the user session keyring fopen: No such file or directory I'm using Ubuntu 10.04.4 LTS and I access it over SSH with putty.

    Read the article

  • Swap partition not recognized (The disk drive with UUID=... is not ready yet or not present)

    - by ladaghini
    I think I had an encrypted swap partition, because I chose to encrypt my home directory during the installation. I believe that's what the line with /dev/mapper/cryptswap1 ... in my /etc/fstab is all about. I did something to bork my swap because on the next boot, I got a message (paraphrased): The disk drive for /dev/mapper/cryptswap1 is not ready yet or not present. Wait to continue. Press S to skip or M to manually recover. (As a side note, pressing S or M seemed to do nothing different from just waiting.) Here's what I've tried: This tutorial on how to fix the swap partition not mounting. However, in the above, the mkswap command fails because the device is busy. So I booted from a live USB, ran GParted to reformat the swap partition (which showed up as an unknown fs type), and chrooted into the broken system to try that tutorial again. I also adjusted /etc/initramfs-tools/conf.d/resume and /etc/fstab to reflect the new UUID generated from formatting the partition as a swap. That still didn't work; instead of /dev/mapper/cryptswap1 not present, "The disk drive with UUID=[swap partition's UUID] is not ready yet or not present..." So I decided to start afresh as though I never had created a swap partition in the first place. From the Live USB, I deleted the swap partition altogether (which, again showed up in GParted as an unknown fs type), removed the swap and cryptswap entries in /etc/fstab as well as removed /etc/initramfs-tools/conf.d/resume and /etc/crypttab. At this point the main system shouldn't be considered broken because there is no swap partition and no instructions to mount one, right? I didn't get any errors during startup. I followed the same instructions to create and encrypt the swap partition, starting with creating a partition for the swap, though I think fdisk said a reboot was necessary to see changes. I was confident the 3rd process above would work, but the problem yet persists. Some relevant info (/dev/sda8 is the swap partition): /etc/fstab file: # /etc/fstab: static file system information. # # Use 'blkid' to print the universally unique identifier for a # device; this may be used with UUID= as a more robust way to name devices # that works even if disks are added and removed. See fstab(5). # # <file system> <mount point> <type> <options> <dump> <pass> proc /proc proc nodev,noexec,nosuid 0 0 # / was on /dev/sda6 during installation UUID=4c11e82c-5fe9-49d5-92d9-cdaa6865c991 / ext4 errors=remount-ro 0 1 # /boot was on /dev/sda5 during installation UUID=4031413e-e89f-49a9-b54c-e887286bb15e /boot ext4 defaults 0 2 # /home was on /dev/sda7 during installation UUID=d5bbfc6f-482a-464e-9f26-fd213230ae84 /home ext4 defaults 0 2 # swap was on /dev/sda8 during installation UUID=5da2c720-8787-4332-9317-7d96cf1e9b80 none swap sw 0 0 /dev/mapper/cryptswap1 none swap sw 0 0 output of sudo mount: /dev/sda6 on / type ext4 (rw,errors=remount-ro) proc on /proc type proc (rw,noexec,nosuid,nodev) sysfs on /sys type sysfs (rw,noexec,nosuid,nodev) none on /sys/fs/fuse/connections type fusectl (rw) none on /sys/kernel/debug type debugfs (rw) none on /sys/kernel/security type securityfs (rw) udev on /dev type devtmpfs (rw,mode=0755) devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620) tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755) none on /run/lock type tmpfs (rw,noexec,nosuid,nodev,size=5242880) none on /run/shm type tmpfs (rw,nosuid,nodev) /dev/sda5 on /boot type ext4 (rw) /dev/sda7 on /home type ext4 (rw) /home/undisclosed/.Private on /home/undisclosed type ecryptfs (ecryptfs_check_dev_ruid,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs,ecryptfs_sig=cbae1771abd34009,ecryptfs_fnek_sig=7cefe2f59aab8e58) gvfs-fuse-daemon on /home/undisclosed/.gvfs type fuse.gvfs-fuse-daemon (rw,nosuid,nodev,user=undisclosed) output of sudo blkid (note that /dev/sda8 is missing): /dev/sda1: LABEL="SYSTEM" UUID="960490E80490CC9D" TYPE="ntfs" /dev/sda2: UUID="D4043140043126C0" TYPE="ntfs" /dev/sda3: LABEL="Shared" UUID="80F613E1F613D5EE" TYPE="ntfs" /dev/sda5: UUID="4031413e-e89f-49a9-b54c-e887286bb15e" TYPE="ext4" /dev/sda6: UUID="4c11e82c-5fe9-49d5-92d9-cdaa6865c991" TYPE="ext4" /dev/sda7: UUID="d5bbfc6f-482a-464e-9f26-fd213230ae84" TYPE="ext4" /dev/mapper/cryptswap1: UUID="41fa147a-3e2c-4e61-b29b-3f240fffbba0" TYPE="swap" output of sudo fdisk -l: Disk /dev/mapper/cryptswap1 doesn't contain a valid partition table Disk /dev/sda: 320.1 GB, 320072933376 bytes 255 heads, 63 sectors/track, 38913 cylinders, total 625142448 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0xdec3fed2 Device Boot Start End Blocks Id System /dev/sda1 * 2048 409599 203776 7 HPFS/NTFS/exFAT /dev/sda2 409600 210135039 104862720 7 HPFS/NTFS/exFAT /dev/sda3 210135040 415422463 102643712 7 HPFS/NTFS/exFAT /dev/sda4 415424510 625141759 104858625 5 Extended /dev/sda5 415424512 415922175 248832 83 Linux /dev/sda6 415924224 515921919 49998848 83 Linux /dev/sda7 515923968 621389823 52732928 83 Linux /dev/sda8 621391872 625141759 1874944 82 Linux swap / Solaris Disk /dev/mapper/cryptswap1: 1919 MB, 1919942656 bytes 255 heads, 63 sectors/track, 233 cylinders, total 3749888 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0xaf5321b5 /etc/initramfs-tools/conf.d/resume file: RESUME=UUID=5da2c720-8787-4332-9317-7d96cf1e9b80 /etc/crypttab file: cryptswap1 /dev/sda8 /dev/urandom swap,cipher=aes-cbc-essiv:sha256 output of sudo swapon -as: Filename Type Size Used Priority /dev/mapper/cryptswap1 partition 1874940 0 -1 output of sudo free -m: total used free shared buffers cached Mem: 1476 1296 179 0 35 671 -/+ buffers/cache: 590 886 Swap: 1830 0 1830 So, how can this be fixed?

    Read the article

  • How to encrypt php folder under /var/www?

    - by sirchaos
    I need to encrypt the folder /var/www/test. The folder contains PHP files. The goal it to prevent any user to read the php content AND if the HD is mounted on another computer, the /var/www/test should be encrypted AND if computer booted up without any user logged I would like anyone to be able to access data in /var/www/tests. What is the correct approach for this? I've tried "ecryptfs-setup-private" as advised in How to encrypt /var/www? yet it didn't work for me. I've might missed something - I've tested the folders while booting with ubuntu 12.04 installation disk and mounted the drive, than I was able to access /var/www/test content.. yet this is what I want to prevent. The gnome-encfs isn't the way to go since its decryption happens when users logs on to the system & I would like the system to be working after power failure etc' without any one logged in. Please advice.

    Read the article

  • Mounting an encrypted partion Error

    - by indiajoe
    Using the disk utilities in ubuntu 11.04, i had encrypted a partition with a passphrase. Each time i used to click on the partition to mount, it used to ask me the passphrase and get mounted. All was fine, until i installed the 12.04. After the installation, this encrypted partition, disappeared from the menu. fdisk -l /dev/sda Shows the encrypted partition in the list /dev/sda7 298953648 488392064 94719208+ 7 HPFS/NTFS/exFAT I tried the following commands to mount it. But they all gave following errors $ sudo cryptsetup luksDump /dev/sda7 Device /dev/sda7 is not a valid LUKS device. $ ecryptfs-unwrap-passphrase /dev/sda7 Passphrase: # i entered the correct passphrase here... Error: Unwrapping passphrase failed [-5] Info: Check the system log for more information from libecryptfs $ grep ecryptfs /var/log/syslog Oct 31 22:43:51 benny ecryptfs-unwrap-passphrase: Error attempting to open [/dev/sda7] for reading Nov 1 01:28:02 benny ecryptfs-unwrap-passphrase: Error attempting to open [/dev/sda7] for reading Nov 1 01:29:06 benny ecryptfs-unwrap-passphrase: Error attempting to open [/dev/sda7] for reading I don't understand why I am getting the "Device /dev/sda7 is not a valid LUKS device." Could it be due to some corruption in partition table? Is there any way to recover this encrypted partition? Thanks indiajoe

    Read the article

  • Encrypt folders out of Home

    - by igi
    Is there a way to encrypt a folder, which is not in /home but even in a different partition, so only my user can access/read contained files? Alternatively, I would like to understand if it is possible to turn a complete ext4 partition into an encrypted volume, which would be mounted at user login. If possible, I would like to make the change without reinstalling Ubuntu. My PC has (mount output): /dev/sda1 on / type ext4 (rw,errors=remount-ro) /dev/sda3 on /home type ext4 (rw) /dev/sda4 on /home/igor/Personale type ext4 (rw) sda4 is the partition containing folders I would like to protect. Thanks!

    Read the article

  • Ask the Readers: How Do You Browse Securely Away From Home?

    - by Jason Fitzpatrick
    When you’re browsing away from home, be it on your smartphone, tablet, or laptop, how do you keep your browsing sessions secure? This week we’re interested in hearing all about your mobile security tips and tricks. When you’re out and about you often, out of necessity or convenience, need to connect to open Wi-Fi hotspots and otherwise put your data out there in ways that you don’t when you’re at home. This week we want to hear about your tips, tricks, and applications for keeping your data secure and private when you’re away from your home network. Sound off in the comments with your tips and then check back on Friday for the What You Said roundup. HTG Explains: Why Linux Doesn’t Need Defragmenting How to Convert News Feeds to Ebooks with Calibre How To Customize Your Wallpaper with Google Image Searches, RSS Feeds, and More

    Read the article

  • Is it safer to use the same IV all times data are encrypted, or use a dynamic IV that is sent together the encrypted text? [closed]

    - by kiamlaluno
    When encrypting data that is then send to a server, is it better to always use the same IV, which is already known from the receiving server, or use a dynamic IV that is then sent to the receiving server? I am referring to the case the remote server receives data from another server, or from a client application, and executes operations on a database table, in the table row identified by the received data. Which of the following PHP snippets is preferable? $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND); $ks = mcrypt_enc_get_key_size($td); $key = substr(md5('very secret key'), 0, $ks); mcrypt_generic_init($td, $key, $iv); $encrypted = mcrypt_generic($td, 'This is very important data'); send_encripted_data(combine_iv_encrypted_text($iv, $encrypted)); $ks = mcrypt_enc_get_key_size($td); $key = substr(md5('very secret key'), 0, $ks); mcrypt_generic_init($td, $key, $iv); send_encripted_data(mcrypt_generic($td, 'This is very important data')); In which way is one of the snippets more vulnerable than the other one?

    Read the article

  • Order in which passphrase is asked for encrypted volumes

    - by Lars Kotthoff
    I have installed 12.10 on a machine with two disks. The root partition is on one disk, the swap partition on the other. Both disks are encrypted and I have added the corresponding entries to /etc/crypttab. During boot, it asks for the passphrase for the disk with the root filesystem. Then it continues booting and gets to the login screen before I get a chance to enter the passphrase for the other disk. After logging in, I verified that it was actually waiting for me to enter the passphrase for that second partition (askpass process is running). But at that point, I have no way of entering the passphrase anymore. The manpage for crypttab suggests that the order in which the volumes are specified matters, so I changed it to have the swap disk first. I updated the initramfs and grub afterwards, but it didn't make any difference. How can I specify the order in which the encrypted partitions are unlocked? I'm looking for a solution that either asks for the swap passphrase first or tells the system to wait until all encrypted partitions are unlocked before displaying the login screen.

    Read the article

  • Cant mount cryptswap1 ?

    - by Jordan March
    From the reading I've done, it seems it's having issues mounting the encrypted files. The guys here: could not mount /dev/mapper/cryptswap1 Seem to be suggesting how to fix it, but I am new to Linux and have NO idea how to do any of that. Can anyone walk me through how to edit that file? Or should I just reinstal? Is there a way to reinstall and keep my programs? I do have separate partitions for boot root home and swap Running Acer Aspire 5750 Intel Core i3 4gb ram Ubuntu 12.10 64bit

    Read the article

< Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >