Med-Mastodon

Khurram Wadee ✅My experience with <a href="https://mastodon.org.uk/tags/FlashDrives" class="mention hashtag" rel="nofollow noopener" target="_blank">#FlashDrives</a> recently has been mixed. I have no problem in encrypting them with <a href="https://mastodon.org.uk/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#LUKS</a>, using <a href="https://mastodon.org.uk/tags/cryptsetup" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptsetup</a> or with formatting a partition with <a href="https://mastodon.org.uk/tags/Btrfs" class="mention hashtag" rel="nofollow noopener" target="_blank">#Btrfs</a>, for instance, using <a href="https://mastodon.org.uk/tags/gparted" class="mention hashtag" rel="nofollow noopener" target="_blank">#gparted</a> and doing other tinkering with <a href="https://mastodon.org.uk/tags/Gnome" class="mention hashtag" rel="nofollow noopener" target="_blank">#Gnome</a> <a href="https://mastodon.org.uk/tags/disks" class="mention hashtag" rel="nofollow noopener" target="_blank">#disks</a>. But the problem has been with the actual drives themselves. The cheaper ones seem to have quite a few bad sectors, etc. and so they’re not really reliable for medium term storage.1/2<a href="https://mastodon.org.uk/tags/Hardware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Hardware</a> <a href="https://mastodon.org.uk/tags/StorageDevices" class="mention hashtag" rel="nofollow noopener" target="_blank">#StorageDevices</a> <a href="https://mastodon.org.uk/tags/Unix" class="mention hashtag" rel="nofollow noopener" target="_blank">#Unix</a> <a href="https://mastodon.org.uk/tags/GNU" class="mention hashtag" rel="nofollow noopener" target="_blank">#GNU</a> <a href="https://mastodon.org.uk/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://mastodon.org.uk/tags/Fedora" class="mention hashtag" rel="nofollow noopener" target="_blank">#Fedora</a>

13reak :fedora:In case someone else is wondering why linux <code>luks</code> hard disk encryption is usually within a <code>lvm</code> container: that way you only need one password to unlock multiple partitions.(found out the hard way)<a href="https://infosec.exchange/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#linux</a> <a href="https://infosec.exchange/tags/cryptsetup" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptsetup</a> <a href="https://infosec.exchange/tags/harddisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#harddisk</a> <a href="https://infosec.exchange/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#encryption</a>

Khurram Wadee ✅So today I tired <a href="https://mastodon.org.uk/tags/mkfs" class="mention hashtag" rel="nofollow noopener" target="_blank">#mkfs</a>.btrfs and this works. I was using <a href="https://mastodon.org.uk/tags/gparted" class="mention hashtag" rel="nofollow noopener" target="_blank">#gparted</a>, which can’t create <a href="https://mastodon.org.uk/tags/encrypted" class="mention hashtag" rel="nofollow noopener" target="_blank">#encrypted</a> file systems and so I created a blank (cleared) one, used <a href="https://mastodon.org.uk/tags/cryptsetup" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptsetup</a> to create the <a href="https://mastodon.org.uk/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#encryption</a> on the device, and then created the brtrfs file system.<a href="https://mastodon.org.uk/tags/GNU" class="mention hashtag" rel="nofollow noopener" target="_blank">#GNU</a> <a href="https://mastodon.org.uk/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#FreeSoftware</a>

Hraban (fiëé visuëlle)Ich würde gerne vermeiden, das Passwort für die <a href="https://literatur.social/tags/Festplattenverschl%C3%BCsselung" class="mention hashtag" rel="nofollow noopener" target="_blank">#Festplattenverschlüsselung</a> meines <a href="https://literatur.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a>-Laptops jedes Mal eingeben zu müssen – meine Kinder sollen den auch benutzen können, ohne dass ich ihnen das Passwort sage.Das müsste sich doch irgendwie auf ein Hardware-Token (USB-Stick oder SD-Karte) umstellen lassen? Wie am besten?<a href="https://literatur.social/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#encryption</a> <a href="https://literatur.social/tags/cryptsetup" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptsetup</a>

scy @ WHY2025 (7299)TIL: If you want to `cryptsetup open` a BitLocker encrypted drive using the recovery key (8 blocks of 6 digits each), make sure to enter it _with_ the dashes between each block of digits, else it won't be recognized.<a href="https://chaos.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://chaos.social/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#Windows</a> <a href="https://chaos.social/tags/BitLocker" class="mention hashtag" rel="nofollow noopener" target="_blank">#BitLocker</a> <a href="https://chaos.social/tags/cryptsetup" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptsetup</a>

Stuart Longland (VK4MSL)Had fun and games trying to unmount my work volume (a LUKS loopback device) today… `cryptsetup` telling me the device was in-use. (But it wasn't!)As it happens, kernel namespaces can make things appear to be "in use" when they are not, and Gentoo's Portage uses namespaces to isolate the build process from the host system. Kill the build, and you'll be able to unmount and de-activate the encrypted volume.<a href="https://forums.gentoo.org/viewtopic-p-8479896.html?sid=fc640855d942c63b54512d9d7f4e8285#8479896" rel="nofollow noopener" translate="no" target="_blank">https://forums.gentoo.org/viewtopic-p-8479896.html?sid=fc640855d942c63b54512d9d7f4e8285#8479896</a><a href="https://mastodon.longlandclan.id.au/tags/Gentoo" class="mention hashtag" rel="nofollow noopener" target="_blank">#Gentoo</a> <a href="https://mastodon.longlandclan.id.au/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#LUKS</a> <a href="https://mastodon.longlandclan.id.au/tags/cryptsetup" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptsetup</a> <a href="https://mastodon.longlandclan.id.au/tags/namespaces" class="mention hashtag" rel="nofollow noopener" target="_blank">#namespaces</a>

Lucas Werkmeisterhey neat, Linux 6.10 improved disk encryption performance on my system by ~42% <a href="https://gist.github.com/lucaswerkmeister/965d312193362ccfea6378006ce8cb81" rel="nofollow noopener" translate="no" target="_blank">https://gist.github.com/lucaswerkmeister/965d312193362ccfea6378006ce8cb81</a><a href="https://wikis.world/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://wikis.world/tags/cryptsetup" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptsetup</a>

rtnQuick guide on encrypting an external drive. Assuming the drive is at /dev/sda with a /dev/sda1 partitionSet up encrypted volume (-y for verifying the password) # cryptsetup luksFormat -y -v /dev/sda1Unlock the encrypted volume and create a mapping to /dev/mapper/DUDE # cryptsetup luksOpen /dev/sda1 DUDECreate a file system # mkfs.ext4 /dev/mapper/DUDEMount the partition # mkdir /mnt/DUDE # mount /dev/mapper/DUDE /mnt/DUDE<a href="https://chaos.social/tags/cryptsetup" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptsetup</a> <a href="https://chaos.social/tags/FDE" class="mention hashtag" rel="nofollow noopener" target="_blank">#FDE</a>

ricardo :mastodon:<a href="https://fosstodon.org/tags/Cryptsetup" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cryptsetup</a> 2.7.0 Unveils Advanced <a href="https://fosstodon.org/tags/OPAL" class="mention hashtag" rel="nofollow noopener" target="_blank">#OPAL</a> Hardware Encryption Support<a href="https://linuxiac.com/cryptsetup-2-7-0-unveils-advanced-opal-hardware-encryption-support/" rel="nofollow noopener" translate="no" target="_blank">https://linuxiac.com/cryptsetup-2-7-0-unveils-advanced-opal-hardware-encryption-support/</a>

SvanteHas anyone succeeded yet in running a Guix System with grub on an encrypted btrfs partition with subvolumes?guix system init seems to produce a sensible grub.cfg, which (after insmod of luks2) calls cryptomount, but after reboot, it doesn't even ask for the passphrase before complaining that the decrypted device doesn't exist and dropping to grub rescue.<a href="https://mastodon.xyz/tags/Guix" class="mention hashtag" rel="nofollow noopener" target="_blank">#Guix</a> <a href="https://mastodon.xyz/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://mastodon.xyz/tags/btrfs" class="mention hashtag" rel="nofollow noopener" target="_blank">#btrfs</a> <a href="https://mastodon.xyz/tags/cryptsetup" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptsetup</a> <a href="https://mastodon.xyz/tags/grub" class="mention hashtag" rel="nofollow noopener" target="_blank">#grub</a>

Axel ⌨🐧🐪🚴😷 | R.I.P Natenom<a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener" target="_blank">@campuscodi</a>: A few notes and thoughts on CVE-2023-2283 in <a href="https://chaos.social/tags/libssh" class="mention hashtag" rel="nofollow noopener" target="_blank">#libssh</a>: * libssh (libssh-4 in Debian and derivatives) ≠ libssh2 (libssh2-1 in Debian and derivatives)* Obviously only servers using libssh to let users log in should be affected by any authentication bypass. Most libssh reverse dependencies though seem to be client-side applications.The only potential libssh server-side reverse dependencies I found so far are:* <a href="https://chaos.social/tags/cryptsetup" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptsetup</a>-ssh * <a href="https://chaos.social/tags/tmate" class="mention hashtag" rel="nofollow noopener" target="_blank">#tmate</a>-ssh-server * maybe <a href="https://chaos.social/tags/cockpit" class="mention hashtag" rel="nofollow noopener" target="_blank">#cockpit</a>-bridge

Keywan TonekaboniLUKS: Alte verschlüsselte Container unsicher? Ein Ratgeber für UpdatesAngeblich konnte die französische Polizei einen LUKS-Container knacken. Kein Grund zur Panik, aber ein Anlass, Passwörter und LUKS-Parameter zu hinterfragen.<a href="https://www.heise.de/news/Alte-LUKS-Container-unsicher-Ein-kleiner-Update-Ratgeber-8981054.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege" rel="nofollow noopener" target="_blank">https://www.heise.de/news/Alte-LUKS-Container-unsicher-Ein-kleiner-Update-Ratgeber-8981054.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege</a> <a href="https://social.heise.de/tags/Argon" class="mention hashtag" rel="nofollow noopener" target="_blank">#Argon</a> <a href="https://social.heise.de/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#LUKS</a> <a href="https://social.heise.de/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://social.heise.de/tags/PBKDF2" class="mention hashtag" rel="nofollow noopener" target="_blank">#PBKDF2</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.heise.de/tags/Verschl%C3%BCsselung" class="mention hashtag" rel="nofollow noopener" target="_blank">#Verschlüsselung</a> <a href="https://social.heise.de/tags/cryptsetup" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptsetup</a>

Recent searches

Search options

Administered by:

Server stats:

#cryptsetup