4.9.1. Using LUKS Disk Encryption
Overview of LUKS
- What LUKS does
- LUKS encrypts entire block devices and is therefore well-suited for protecting the contents of mobile devices such as removable storage media or laptop disk drives.
- The underlying contents of the encrypted block device are arbitrary. This makes it useful for encrypting
swapdevices. This can also be useful with certain databases that use specially formatted block devices for data storage.
- LUKS uses the existing device mapper kernel subsystem.
- LUKS provides passphrase strengthening which protects against dictionary attacks.
- LUKS devices contain multiple key slots, allowing users to add backup keys or passphrases.
- What LUKS does not do:
- LUKS is not well-suited for applications requiring many (more than eight) users to have distinct access keys to the same device.
- LUKS is not well-suited for applications requiring file-level encryption.
184.108.40.206. LUKS Implementation in Red Hat Enterprise Linux
cryptsetup --help) is aes-cbc-essiv:sha256 (ESSIV - Encrypted Salt-Sector Initialization Vector). Note that the installation program, Anaconda, uses by default XTS mode (aes-xts-plain64). The default key size for LUKS is 256 bits. The default key size for LUKS with Anaconda (XTS mode) is 512 bits. Ciphers that are available are:
220.127.116.11. Manually Encrypting Directories
- Enter runlevel 1 by typing the following at a shell prompt as root:
- Unmount your existing
- If the command in the previous step fails, use
fuserto find processes hogging
/homeand kill them:
fuser -mvk /home
/homeis no longer mounted:
grep home /proc/mounts
- Fill your partition with random data:
shred -v --iterations=1 /dev/VG00/LV_homeThis command proceeds at the sequential write speed of your device and may take some time to complete. It is an important step to ensure no unencrypted data is left on a used device, and to obfuscate the parts of the device that contain encrypted data as opposed to just random data.
- Initialize your partition:
cryptsetup --verbose --verify-passphrase luksFormat /dev/VG00/LV_home
- Open the newly encrypted device:
cryptsetup luksOpen /dev/VG00/LV_home home
- Make sure the device is present:
ls -l /dev/mapper | grep home
- Create a file system:
- Mount the file system:
mount /dev/mapper/home /home
- Make sure the file system is visible:
df -h | grep home
- Add the following to the
home /dev/VG00/LV_home none
- Edit the
/etc/fstabfile, removing the old entry for
/homeand adding the following line:
/dev/mapper/home /home ext3 defaults 1 2
- Restore default SELinux security contexts:
/sbin/restorecon -v -R /home
- Reboot the machine:
shutdown -r now
- The entry in the
/etc/crypttabmakes your computer ask your
lukspassphrase on boot.
- Log in as root and restore your backup.
18.104.22.168. Add a New Passphrase to an Existing Device
cryptsetup luksAddKey device
22.214.171.124. Remove a Passphrase from an Existing Device
cryptsetup luksRemoveKey device
126.96.36.199. Creating Encrypted Block Devices in Anaconda
kickstartto set a separate passphrase for each new encrypted block device.
188.8.131.52. Additional Resources
4.9.2. Creating GPG Keys
184.108.40.206. Creating GPG Keys in GNOME
- Install the Seahorse utility, which makes GPG key management easier:
yum install seahorse
- To create a key, from the Seahorse.→ menu select , which starts the application
- From the PGP Key. Then click .menu select and then
- Type your full name, email address, and an optional comment describing who you are (for example: John C. Smith,
firstname.lastname@example.org, Software Engineer). Click . A dialog is displayed asking for a passphrase for the key. Choose a strong passphrase but also easy to remember. Click and the key is created.
0xto the key ID, as in
0x6789ABCD. You should make a backup of your private key and store it somewhere secure.
220.127.116.11. Creating GPG Keys in KDE
- Start the KGpg program from the main menu by selecting → → . If you have never used KGpg before, the program walks you through the process of creating your own GPG keypair.
- A dialog box appears prompting you to create a new key pair. Enter your name, email address, and an optional comment. You can also choose an expiration time for your key, as well as the key strength (number of bits) and algorithms.
- Enter your passphrase in the next dialog box. At this point, your key appears in the main KGpg window.
0xto the key ID, as in
0x6789ABCD. You should make a backup of your private key and store it somewhere secure.
18.104.22.168. Creating GPG Keys Using the Command Line
- Use the following shell command:
gpg2 --gen-keyThis command generates a key pair that consists of a public and a private key. Other people use your public key to authenticate and decrypt your communications. Distribute your public key as widely as possible, especially to people who you know will want to receive authentic communications from you, such as a mailing list.
- A series of prompts directs you through the process. Press the Enter key to assign a default value if desired. The first prompt asks you to select what kind of key you prefer:
Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection?In almost all cases, the default is the correct choice. An RSA/RSA key allows you not only to sign communications, but also to encrypt files.
- Choose the key size:
RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048)Again, the default, 2048, is sufficient for almost all users, and represents an extremely strong level of security.
- Choose when the key will expire. It is a good idea to choose an expiration date instead of using the default, which is
none. If, for example, the email address on the key becomes invalid, an expiration date will remind others to stop using that public key.
Please specify how long the key should be valid. 0 = key does not expire d = key expires in n days w = key expires in n weeks m = key expires in n months y = key expires in n years key is valid for? (0)Entering a value of 1y, for example, makes the key valid for one year. (You may change this expiration date after the key is generated, if you change your mind.)
- Before the gpg2 application asks for signature information, the following prompt appears:
Is this correct (y/N)?Enter
yto finish the process.
- Enter your name and email address for your GPG key. Remember this process is about authenticating you as a real individual. For this reason, include your real name. If you choose a bogus email address, it will be more difficult for others to find your public key. This makes authenticating your communications difficult. If you are using this GPG key for self-introduction on a mailing list, for example, enter the email address you use on that list.Use the comment field to include aliases or other information. (Some people use different keys for different purposes and identify each key with a comment, such as "Office" or "Open Source Projects.")
- At the confirmation prompt, enter the letter
Oto continue if all entries are correct, or use the other options to fix any problems. Finally, enter a passphrase for your secret key. The gpg2 program asks you to enter your passphrase twice to ensure you made no typing errors.
- Finally, gpg2 generates random data to make your key as unique as possible. Move your mouse, type random keys, or perform other tasks on the system during this step to speed up the process. Once this step is finished, your keys are complete and ready to use:
pub 1024D/1B2AFA1C 2005-03-31 John Q. Doe <email@example.com> Key fingerprint = 117C FE83 22EA B843 3E86 6486 4320 545E 1B2A FA1C sub 1024g/CEA4B22E 2005-03-31 [expires: 2006-03-31]
- The key fingerprint is a shorthand "signature" for your key. It allows you to confirm to others that they have received your actual public key without any tampering. You do not need to write this fingerprint down. To display the fingerprint at any time, use this command, substituting your email address:
gpg2 --fingerprint firstname.lastname@example.orgYour "GPG key ID" consists of 8 hex digits identifying the public key. In the example above, the GPG key ID is
1B2AFA1C. In most cases, if you are asked for the key ID, prepend
0xto the key ID, as in
4.9.3. Using openCryptoki for Public-Key Cryptography
22.214.171.124. Installing openCryptoki and Starting the Service
yum install opencryptoki
pkcsslotddaemon. Start the daemon for the current session by executing the following command as
systemctl start pkcsslotd
systemctl enable pkcsslotd
126.96.36.199. Configuring and Using openCryptoki
pkcsslotddaemon reads the
/etc/opencryptoki/opencryptoki.confconfiguration file, which it uses to collect information about the tokens configured to work with the system and about their slots.
pkcsslotddaemon at run time, use the
pkcsconfutility. This tool allows you to show and configure the state of the daemon, as well as to list and modify the currently configured slots and tokens. For example, to display information about tokens, issue the following command (note that all non-root users that need to communicate with the
pkcsslotddaemon must be a part of the
pkcs11group, as all members of this group have the right to block other users of the openCryptoki service from accessing configured PKCS#11 tokens. All members of this group can also execute arbitrary code with the privileges of any other users of openCryptoki.
4.9.4. Using Smart Cards to Supply Credentials to OpenSSH
~/.ssh/authorized_keysfile. Install the
PKCS#11library provided by the opensc package on the client.
PKCS#11is a Public-Key Cryptography Standard that defines an application programming interface (API) to cryptographic devices called tokens. Enter the following command as
yum install opensc
188.8.131.52. Retrieving a Public Key from a Card
ssh-keygencommand. Specify the shared library (OpenSC in the following example) with the
ssh-keygen -D /usr/lib64/pkcs11/opensc-pkcs11.sossh-rsa AAAAB3NzaC1yc[...]+g4Mb9
184.108.40.206. Storing a Public Key on a Server
smartcard.pubin the following example) and using the
ssh-copy-id -f -i smartcard.pub user@hostnameuser@hostname's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh user@hostname" and check to make sure that only the key(s) you wanted were added.
SSH_COPY_ID_LEGACY=1environment variable or the
220.127.116.11. Authenticating to a Server with a Key on a Smart Card
ssh -I /usr/lib64/pkcs11/opensc-pkcs11.so hostnameEnter PIN for 'Test (UserPIN)':
PKCS#11library in your
Host hostname PKCS11Provider /usr/lib64/pkcs11/opensc-pkcs11.so
sshcommand without any additional options:
ssh hostnameEnter PIN for 'Test (UserPIN)':
ssh-agent to Automate PIN Logging In
ssh-agent. You can skip this step in most cases because
ssh-agentis already running in a typical session. Use the following command to check whether you can connect to your authentication agent:
ssh-add -lCould not open a connection to your authentication agent.
ssh-add -s /usr/lib64/pkcs11/opensc-pkcs11.soEnter PIN for 'Test (UserPIN)': Card added: /usr/lib64/pkcs11/opensc-pkcs11.so
ssh-agent, use the following command:
ssh-add -e /usr/lib64/pkcs11/opensc-pkcs11.soCard removed: /usr/lib64/pkcs11/opensc-pkcs11.so
pin_cache_ignore_user_consent = true;option in the
18.104.22.168. Additional Resources
PKCS#11security tokens, see the
4.9.5. Trusted and Encrypted Keys
RSAkey called the storage root key (SRK).
AESencryption, which makes them faster than trusted keys. Encrypted keys are created using kernel-generated random numbers and encrypted by a master key when they are exported into user-space blobs. This master key can be either a trusted key or a user key, which is their main disadvantage — if the master key is not a trusted key, the encrypted key is only as secure as the user key used to encrypt it.
22.214.171.124. Working with Keys
rootuser to load both of these modules at once:
modprobe trusted encrypted-keys
tpm_setactivecommand from the tpm-tools package of utilities. Also, the TrouSers application needs to be installed (the trousers package), and the
tcsddaemon, which is a part of the TrouSers suite, running to communicate with the TPM.
keyctlcommand with the following syntax:
keyctl add trusted name "new keylength [options]" keyring
keyctl add trusted kmk "new 32" @u642500861
kmkwith the length of 32 bytes (256 bits) and places it in the user keyring (
@u). The keys may have a length of 32 to 128 bytes (256 to 1024 bits). Use the
showsubcommand to list the current structure of the kernel keyrings:
keyctl showSession Keyring -3 --alswrv 500 500 keyring: _ses 97833714 --alswrv 500 -1 \_ keyring: _uid.1000 642500861 --alswrv 500 500 \_ trusted: kmk
pipesubcommand as follows:
keyctl pipe 642500861 > kmk.blob
addcommand again with the blob as an argument:
keyctl add trusted kmk "load `cat kmk.blob`" @u268728824
keyctl add encrypted name "new [format] key-type:master-key-name keylength" keyring
keyctl add encrypted encr-key "new trusted:kmk 32" @u159771175
keyctl add user kmk-user "`dd if=/dev/urandom bs=1 count=32 2>/dev/null`" @u427069434
keyctl add encrypted encr-key "new user:kmk-user 32" @u1012412758
listsubcommand can be used to list all keys in the specified kernel keyring:
keyctl list @u2 keys in keyring: 427069434: --alswrv 1000 1000 user: kmk-user 1012412758: --alswrv 1000 1000 encrypted: encr-key
126.96.36.199. Additional Resources
- keyctl(1) — Describes the use of the keyctl utility and its subcommands.
- Red Hat Enterprise Linux 7 SELinux User's and Administrator's Guide — The SELinux User's and Administrator's Guide for Red Hat Enterprise Linux 7 describes the basic principles of SELinux and documents in detail how to configure and use SELinux with various services, such as the Apache HTTP Server.
- https://www.kernel.org/doc/Documentation/security/keys-trusted-encrypted.txt — The official documentation about the trusted and encrypted keys feature of the Linux kernel.
- Section A.1.1, “Advanced Encryption Standard — AES” provides a concise description of the
Advanced Encryption Standard.
- Section A.2, “Public-key Encryption” describes the public-key cryptographic approach and the various cryptographic protocols it uses.
4.9.6. Using the Random Number Generator
rngddaemon, which is a part of the rng-tools package, is capable of using both environmental noise and hardware random number generators for extracting entropy. The daemon checks whether the data supplied by the source of randomness is sufficiently random and then stores it in the random-number entropy pool of the kernel. The random numbers it generates are made available through the
/dev/urandomis that the former is a blocking device, which means it stops supplying numbers when it determines that the amount of entropy is insufficient for generating a properly random output. Conversely,
/dev/urandomis a non-blocking source, which reuses the entropy pool of the kernel and is thus able to provide an unlimited supply of pseudo-random numbers, albeit with less entropy. As such,
/dev/urandomshould not be used for creating long-term cryptographic keys.
yum install rng-tools
rngddaemon, execute the following command as
systemctl start rngd
systemctl status rngd
rngddaemon with optional parameters, execute it directly. For example, to specify an alternative source of random-number input (other than
/dev/hwrandom), use the following command:
/dev/hwrngas the device from which random numbers are read. Similarly, you can use the
--random-device) option to choose the kernel device for random-number output (other than the default
/dev/random). See the rngd(8) manual page for a list of all available options.
rngd -vfUnable to open file: /dev/tpm0 Available entropy sources: DRNG
rngd -vcommand, the according process continues running in background. The
-b, --backgroundoption (become a daemon) is applied by default.
cat /proc/cpuinfo | grep rdrand
/dev/random, use the rngtest tool as follows:
cat /dev/random | rngtest -c 1000rngtest 5 Copyright (c) 2004 by Henrique de Moraes Holschuh This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. rngtest: starting FIPS tests... rngtest: bits received from input: 20000032 rngtest: FIPS 140-2 successes: 998 rngtest: FIPS 140-2 failures: 2 rngtest: FIPS 140-2(2001-10-10) Monobit: 0 rngtest: FIPS 140-2(2001-10-10) Poker: 0 rngtest: FIPS 140-2(2001-10-10) Runs: 0 rngtest: FIPS 140-2(2001-10-10) Long run: 2 rngtest: FIPS 140-2(2001-10-10) Continuous run: 0 rngtest: input channel speed: (min=1.171; avg=8.453; max=11.374)Mibits/s rngtest: FIPS tests speed: (min=15.545; avg=143.126; max=157.632)Mibits/s rngtest: Program run time: 2390520 microseconds
/dev/random), and QEMU will use
/dev/randomas the source for entropy requested by guests.
Figure 4.1. The virtio RNG device