| View previous topic :: View next topic |
| Author |
Message |
Ari_archer
Tux's lil' helper
Joined: 30 Aug 2021
Posts: 130
Location: Lithuania
|
 Posted: Sat Oct 30, 2021 5:25 pm Post subject: [SOLVED] Double encrypting a partition |
 |
|
Hello, I was wondering if it's possible and if I should encrypt my home partition multiple times.
I think it might be just as easy as encrypting the mapper and adding it to dmcrypt configuration,
but I don't know, so the question is that should I do it if it's possible and anything that could go wrong?
_________________
regards,
ari
Last edited by Ari_archer on Sat Oct 30, 2021 11:46 pm; edited 1 time in total |
|
| Back to top |
|
 |
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3950
|
| Posted: Sat Oct 30, 2021 5:46 pm Post subject: |
|
|
Yes it seems to work
| Code: |
─sda9 8:9 0 1G 0 part
│ └─enc1 254:16 0 1008M 0 crypt
│ └─enc2 254:17 0 992M 0 crypt
|
You might try to triple encrypt it even.
The question is do you REALLY need to or is it some ego-booster?
_________________
Last edited by alamahant on Sat Oct 30, 2021 5:59 pm; edited 1 time in total |
|
| Back to top |
|
|
pietinger
Moderator
Joined: 17 Oct 2006
Posts: 5391
Location: Bavaria
|
| Posted: Sat Oct 30, 2021 5:51 pm Post subject: |
|
|
Ari_archer,
if you dont use 3DES you should not use the same cipher (e.g. AES) two times (this can weaken the alogorithm). Take different ciphers ! |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54850
Location: 56N 3W
|
| Posted: Sat Oct 30, 2021 6:52 pm Post subject: |
|
|
Ari_archer.
If you use a Chinese cypher, an American cypher and a Russian cypher, you might be proof against back doors in all three systems.
Maybe China, the USA and Russia share their cypher backdoors, so all you get is a very slow encrypted area and a false sense of security.
Of course, just because you are paranoid does not mean that "they" are not out to get you.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
Ari_archer
Tux's lil' helper
Joined: 30 Aug 2021
Posts: 130
Location: Lithuania
|
| Posted: Sat Oct 30, 2021 11:43 pm Post subject: |
|
|
| NeddySeagoon wrote: | Ari_archer.
If you use a Chinese cypher, an American cypher and a Russian cypher, you might be proof against back doors in all three systems.
Maybe China, the USA and Russia share their cypher backdoors, so all you get is a very slow encrypted area and a false sense of security.
Of course, just because you are paranoid does not mean that "they" are not out to get you. |
Don't worry, I'm not paranoid about the gonverment and stuff, my mother likes to go through my private conversations so one day when she almost found out that I was gay I started putting strong passwords on everything.
She hasn't figured out the password to my drive yet, but I mean, just to me safe
_________________
regards,
ari |
|
| Back to top |
|
|
Ari_archer
Tux's lil' helper
Joined: 30 Aug 2021
Posts: 130
Location: Lithuania
|
| Posted: Sat Oct 30, 2021 11:44 pm Post subject: |
|
|
| alamahant wrote: | Yes it seems to work
| Code: |
─sda9 8:9 0 1G 0 part
│ └─enc1 254:16 0 1008M 0 crypt
│ └─enc2 254:17 0 992M 0 crypt
|
You might try to triple encrypt it even.
The question is do you REALLY need to or is it some ego-booster? |
I don't REALLY need it and it's not an ego boost, but just want to be safe hah
_________________
regards,
ari |
|
| Back to top |
|
|
Ari_archer
Tux's lil' helper
Joined: 30 Aug 2021
Posts: 130
Location: Lithuania
|
| Posted: Sat Oct 30, 2021 11:45 pm Post subject: |
|
|
| pietinger wrote: | Ari_archer,
if you dont use 3DES you should not use the same cipher (e.g. AES) two times (this can weaken the alogorithm). Take different ciphers ! |
Thank you
_________________
regards,
ari |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23101
|
| Posted: Sun Oct 31, 2021 12:29 am Post subject: |
|
|
| For that threat model, you want a good strong password. The underlying cryptography barely matters, as it is unlikely she will attempt to defeat it by cryptanalysis. If she tries to get in at all, it will be by trying to guess the password. Anyone who correctly guesses the password will get in, no matter how strong the cryptography is. Thus, you want a password or passphrase that is too complex to be used by chance and sufficiently random that it would not show up on a list of informed guesses (pet's name, significant dates, etc.) |
|
| Back to top |
|
|
figueroa
Advocate
Joined: 14 Aug 2005
Posts: 3007
Location: Edge of marsh USA
|
| Posted: Sun Oct 31, 2021 3:36 am Post subject: |
|
|
Single encryption, decently done, will protect you from your mother, and almost any other threat. Adding layers of encryption multiplies your chances of destroying your own system beyond recovery. The level or protection should be according to the use-case. This applies to everybody.
_________________
Andy Figueroa
hp pavilion hpe h8-1260t/2AB5; spinning rust x3
i7-2600 @ 3.40GHz; 16 gb; Radeon HD 7570
amd64/23.0/split-usr/desktop (stable), OpenRC, -systemd -pulseaudio -uefi |
|
| Back to top |
|
|
Goverp
Advocate
Joined: 07 Mar 2007
Posts: 2204
|
| Posted: Sun Oct 31, 2021 10:58 am Post subject: |
|
|
| pietinger wrote: | | ... you should not use the same cipher (e.g. AES) two times (this can weaken the alogorithm). ... |
I've used two rounds of ROT-13 since like forever!
_________________
Greybeard |
|
| Back to top |
|
|
pietinger
Moderator
Joined: 17 Oct 2006
Posts: 5391
Location: Bavaria
|
| Posted: Sun Oct 31, 2021 11:36 am Post subject: |
|
|
| Goverp wrote: | | I've used two rounds of ROT-13 since like forever! |
Yes, also very secure ... its hard to break it  |
|
| Back to top |
|
|
|
Networking & Security
