Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 18 Apr 2014, 12:18
All times are UTC - 4
 Forum index » Advanced Topics » Cutting edge
Encrypted pup_save for 2.13
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [10 Posts]  
Author Message
kirk

Joined: 11 Nov 2005
Posts: 1365
Location: florida

PostPosted: Wed 03 Jan 2007, 00:24    Post subject:  Encrypted pup_save for 2.13  

I've updated the pup_save encryption for 213. Included in the package below is a modified initrd.gz which will prompt you for a password if your pup_save file has "crypt" in the name. Only ext2 encrypted files are supported and it's been updated to fsck the file on every boot.

Also there's a script in the package to create an encrypted pup_save file with an ext2 file system.

The initrd.gz is 42k bigger and has the following additions:

cryptoloop.ko.gz
aes.ko.gz
losetup (compiled with dietlibc to replace the busybox version)


The init script has these changes:

lines 263-270:

CRYPT=$( echo $PUPSAVE | grep crypt )
if [ "$CRYPT" != "" ] ; then
CRYPTO="-e aes"
zcat /lib/modules/${KERNVER}/aes.ko.gz | insmod -
zcat /lib/modules/${KERNVER}/cryptoloop.ko.gz | insmod -
else
CRYPTO=""
fi


lines 576-618 (mostly 593-609)

#v2.13 do a f.s. check at every boot...
# e2fsck -y -f $SMNTPT$SAVEFILE // moved to line 612 for crypto
#about to mount pup_save.3fs, but before that check if need to resize it...
if [ -f $SMNTPT/pupsaveresize.txt ];then #created by /usr/sbin/resizepfile.sh
KILOBIG=`cat $SMNTPT/pupsaveresize.txt`
rm -f $SMNTPT/pupsaveresize.txt
echo -n "Increasing $SAVEFILE by $KILOBIG Kbytes, please wait..." >/dev/console
# dd if=/dev/zero bs=1k count=$KILOBIG | tee -a $SMNTPT$SAVEFILE > /dev/null
dd if=/dev/zero bs=1024 count=$KILOBIG >> $SMNTPT$SAVEFILE
sync
#v2.13 see above e2fsck -y -f $SMNTPT$SAVEFILE
resize2fs -pf $SMNTPT$SAVEFILE;check_status $? #no size, will fill all of file.
sync
sleep 6 #so we can see result. v2.11 only see result in log file.
check_status 0 #v2.11 e2fsck gives an error even though it works.
fi

if [ "$CRYPTO" != "" ] ; then
echo -e "\\033[1;31m" >/dev/console
echo "Loading encrypted pup_save_crypt" >/dev/console
echo "" >/dev/console
while true; do
echo "Password: " >/dev/console
losetup $CRYPTO /dev/loop1 $SMNTPT$SAVEFILE
e2fsck -y -f /dev/loop1
mount -t ext2 -o noatime,rw /dev/loop1 $EFSMNT
if [ "$?" = "0" ] ; then
break
else
losetup -d /dev/loop1
echo "Can't mount file, Try password again." >/dev/console
fi
done
else

losetup /dev/loop1 $SMNTPT$SAVEFILE
e2fsck -y -f /dev/loop1
echo -n "Mounting ${SAVEFILE} on ${EFSMNT}..." >/dev/console
FILEFS="ext3"
[ ! "`echo -n "$SAVEFILE" | grep "2fs"`" = "" ] && FILEFS="ext2"
mount -t $FILEFS -o noatime,rw /dev/loop1 $EFSMNT;check_status $?
fi
}



The package is here:


http://www.mediafire.com/?2m3jmtnjzwi


If you test this out please post any problems / success in this thread. If you have comments about various encryption methods or other ideas on encryption please use one of our other threads or start a new one. I'd like to keep this one short and on topic. Very Happy Thanks!

Last edited by kirk on Tue 09 Jan 2007, 18:42; edited 1 time in total
Back to top
View user's profile Send private message 
al3x

Joined: 21 Dec 2006
Posts: 2
Location: here and there, mostly Ukraine

PostPosted: Mon 08 Jan 2007, 17:38    Post subject: many be some other mirror?  

Tried to download the file the other day - upload2.net gave all kinds of errors. Could you please upload it somewhere else?
Thanks a lot.
Back to top
View user's profile Send private message 
kirk

Joined: 11 Nov 2005
Posts: 1365
Location: florida

PostPosted: Tue 09 Jan 2007, 18:44    Post subject:  

Try the new link, I updated the original post. Let me know how it works!
Back to top
View user's profile Send private message 
mdd


Joined: 02 Jun 2005
Posts: 29

PostPosted: Tue 23 Jan 2007, 14:08    Post subject: Re: Encrypted pup_save for 2.13  

kirk wrote:
I've updated the pup_save encryption for 213. Included in the package below is a modified initrd.gz which will prompt you for a password if your pup_save file has "crypt" in the name. Only ext2 encrypted files are supported and it's been updated to fsck the file on every boot.

Also there's a script in the package to create an encrypted pup_save file with an ext2 file system.

The initrd.gz is 42k bigger and has the following additions ...


How do I install/use this? I'm assuming that I can only use this for a new save file, and can't apply it to an already existing one. Is this correct? Where do I put the files, etc.

If you have time, could you put together a brief "pup_save for Dummies" on how to employ this?

Thanks.

--MDD
Back to top
View user's profile Send private message 
mdd


Joined: 02 Jun 2005
Posts: 29

PostPosted: Tue 23 Jan 2007, 14:37    Post subject: Re: Encrypted pup_save for 2.13  

mdd wrote:
If you have time, could you put together a brief "pup_save for Dummies" on how to employ this?


Hmm. After actually looking at the package files, it looks pretty self-explanatory.

When in doubt, rtfp. Wink

--MDD
Back to top
View user's profile Send private message 
kirk

Joined: 11 Nov 2005
Posts: 1365
Location: florida

PostPosted: Tue 23 Jan 2007, 14:53    Post subject:  

To use this you'll have to replace the initrd.gz file with the one posted here. If you're booting from the live cd You'll have to remaster it. To remaster the cd do this:

1) Copy all the files off the Puppy 2.13 CD to a folder.

2) Replace initrd.gz with the one supplied here.

3) From a terminal window do this:

Quote:
sh-3.00# mkisofs -o NEWpuppy2.13.iso -b isolinux.bin -c boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table /folder-created-in-step-1/


Then you should have a new iso file called NEWpuppy2.13.iso. Then just burn it.

If you have a frugal hard drive install, then just replace the initrd.gz.

The package contains two files, the new initrd.gz and a script called pup_save encryption. The pup_save_encryption script will created a encrypted pupsave file and give you the option to copy your current pup_save file to the new encrypted one.
Back to top
View user's profile Send private message 
mdd


Joined: 02 Jun 2005
Posts: 29

PostPosted: Tue 23 Jan 2007, 19:47    Post subject: Re: Encrypted pup_save for 2.13  

Works great. Thanks.

--MDD
Back to top
View user's profile Send private message 
jam


Joined: 14 Jul 2006
Posts: 245

PostPosted: Wed 24 Jan 2007, 14:51    Post subject: Encryption Option in Remaster Script  

Kirk,

Perhaps you should get in touch with Dougal to see if he can add an option to the Puppy remaster script, incorporating the file and steps you list so that it is an option in the official Puppy remaster process going forward. Just a thought.

Jam

_________________
Jam
Back to top
View user's profile Send private message 
mdd


Joined: 02 Jun 2005
Posts: 29

PostPosted: Fri 02 Mar 2007, 17:55    Post subject: Any plans to update this for 2.14/2.15 ?  

Any plans to update this for 2.14/2.15, or to integrate it into the default distrib files ?

--MDD
Back to top
View user's profile Send private message 
kirk

Joined: 11 Nov 2005
Posts: 1365
Location: florida

PostPosted: Fri 02 Mar 2007, 18:18    Post subject:  

Did it for 2.14. Have to wait and see for 2.15.


http://www.murga-linux.com/puppy/viewtopic.php?t=15668
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [10 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Cutting edge
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0581s ][ Queries: 12 (0.0051s) ][ GZIP on ]