LUKS: Ihe nzuzo data Linux Hard Disk yana nkwado NTFS na Linux

LUKS acronym na-anọchi anya Linux Unified Key Setup nke bụ ọtụtụ usoro nke izo ya ezo disk-nke Linux Kernel na-eji wee jiri ngwungwu cryptsetup tinye ya.

Ahịrị iwu nke cryptsetup na-ezobe diski olu na ofufe site na iji igodo ezoro ezo nke enwetara site na passphrase ewepụtara nke a na-enye oge ọ bụla diski olu, akụkụ yana diski dum (ọbụlagodi eriri USB) ka etinyere na ya. usoro faịlụ ma na-eji aes-cbc-essiv:sha256 cipher.

N'ihi na LUKS nwere ike izochi ngwaọrụ ngọngọ niile (disiki siri ike, mkpanaka USB, diski Flash, nkebi, otu olu wdg) na sistemụ Linux ka akwadoro maka ichekwa mgbasa ozi nchekwa mbughari, diski diski laptop ma ọ bụ faịlụ swap Linux na akwadoghị ya maka faịlụ. ọkwa ezoro ezo.

NTFS (Sistemụ Njikwa Teknụzụ Ọhụrụ) bụ sistemụ faịlụ nwe nwe nke Microsoft mepụtara.

Ubuntu 14.04 na-enye nkwado zuru oke maka izo ya ezo LUKS yana nkwado nwa afọ NTFS maka Windows site na enyemaka nke ngwugwu ntfs-3g.

Iji gosi isi okwu m na nkuzi a etinyegoro m diski ike ọhụrụ (4th) na igbe Ubuntu 14.04 (usoro ntụaka maka HDD agbakwunyere ọhụrụ bụ /dev/sdd ) nke a ga-ekewa ya na nkebi abụọ.

  1. Otu nkebi (/dev/sdd1 -primary) ejiri maka izo ya ezo LUKS.
  2. Nkebi nke abụọ (/dev/sdd5 – gbatịpụrụ) NTFS haziri maka ịnweta data na sistemụ Linux na Windows.

A ga-etinyekwa akụkụ ndị ahụ na-akpaghị aka na Ubuntu 14.04 ka ịmalitegharịa.

Nzọụkwụ 1: Mepụta Disk Partitions

1. Mgbe agbakwunyere diski ike gị na igwe gị, jiri iwu ls depụta /dev/devices niile ( diski nke anọ bụ /dev/sdd).

# ls /dev/sd*

2. Ọzọ, jiri iwu fdisk lelee HDD gị agbakwunyere ọhụrụ.

$ sudo fdisk –l /dev/sdd

N'ihi na ọ nweghị sistemụ faịlụ edebeghị ihe diski ahụ enweghị tebụl nkebi dị irè ma.

3. Nzọụkwụ ọzọ na-ebiri diski diski maka nsonaazụ nkebi abụọ site na iji cfdisk utility diski.

$ sudo cfdisk /dev/sdd

4. Ihuenyo ọzọ ga-emepe cfdisk ọnọdụ mmekọrịta. Họrọ hard-disk gị Oghere efu wee gaa na nhọrọ Ọhụrụ site na iji akụ igodo akaekpe/aka nri.

5. Họrọ ụdị nkebi gị ka Primary wee pịa Tinye.

6. Detuo oke nkebi ị chọrọ na MB.

7. Mepụta nkebi a na mmalite nke hard-disk Oghere efu.

8. Ọzọ gaa na nkebi Ụdị nhọrọ wee pịa Tinye.

9. Ngwa ngwa na-esote na-enye ndepụta nke ụdị faịlụ niile na koodu nọmba ha (nọmba Hex). Nkebi a ga-abụ ezoro ezo Linux LUKS wee họrọ koodu 83 wee kụọ Tinye ọzọ ka imepụta nkebi.

10. Emepụtara nkebi nke mbụ na ngwa ngwa cfdisk na-aga azụ na mbido. Iji mepụta nkebi nke abụọ ejiri dị ka NTFS họrọ Oghere efu fọdụrụ, gaa na nhọrọ Ọhụrụ wee pịa igodo Tinye .

11. Oge a nkebi ga-abụ Extended Logicalotu. Yabụ, gaa na nhọrọ Logical wee pịa Tinye ọzọ.

12. Tinye nha nkebi gị ọzọ. Maka iji ohere efu fọdụrụ dị ka nkebi ọhụrụ hapụ uru ndabara na nha wee pịa naanị Tinye.

13. Ọzọ họrọ gị nkebi ụdị koodu. Maka sistemụ faịlụ NTFS họrọ 86 koodu olu.

14. Mgbe enyochachara na nyochaa nkebi họrọ Dee, zaa ee na ajụjụ mkparịta ụka na-esote wee Kwụsị ka ịhapụ cfdisk ịba uru.

Ekele! Emeela nkebi gị nke ọma ma dị njikere ugbu a ka ahazi ma jiri ya mee ihe.

15. Iji nyochaa disk ọzọ Nkebi Tebụl wepụta fdisk iwu ọzọ nke ga-egosi ozi tebụl nkebi zuru ezu.

$ sudo fdisk –l /dev/sdd

Nzọụkwụ 2: Mepụta Partition Filesystem

16. Iji mepụta usoro faịlụ NTFS na nkebi nke abụọ na-agba ọsọ mkfs iwu.

$ sudo mkfs.ntfs /dev/sdd5

17. Iji mee ka nkebi dị ya ga-etinyerịrị na filesystem ruo n'ebe ugwu. Wụnye akụkụ nke abụọ na diski ike nke anọ ka ị gaa /pụọ mount point site na iji mountiwu.

$ sudo mount /dev/sdd5 /opt

18. Ọzọ, lelee ma ọ bụrụ na nkebi dị ma depụta ya na faịlụ /etc/mtab site na iji iwu cat.

$ cat /etc/mtab

19. Iji wepụ nkebi, jiri iwu na-esonụ.

$ sudo umount /opt

20. Gbaa mbọ hụ na etinyere ngwugwu cryptsetup na sistemụ gị.

$ sudo apt-get install cryptsetup		[On Debian Based Systems]

# yum install cryptsetup				[On RedHat Based Systems]

21. Ugbu a bụ oge iji hazie nkebi nke mbụ na diski ike anọ na ext4 filesystem site n'inye iwu a.

$ sudo luksformat  -t ext4  /dev/sdd1

Zaa na nnukwu EE na Ị ji n'aka? ajụjụ wee tinye ugboro atọ ị chọrọ.

Mara: Dabere na nkebi gị nha na HDD na-eme ngwa ngwa imepụta faịlụ nwere ike iwe obere oge.

22. Ị nwekwara ike nyochaa ọnọdụ ngwaọrụ nkebi.

$ sudo cryptsetup luksDump  /dev/sdd1

23. LUKS na-akwado okwuntughe 8 kacha agbakwunyere. Ka ịgbakwunye password jiri iwu a.

$ sudo cryptsetup luksAddKey /dev/sdd1

Iji wepu okwuntughe.

$ sudo cryptsetup luksRemoveKey /dev/sdd1

24. N'ihi na nke a Ezochiri ezo ka ọ rụọ ọrụ ọ ga-enwerịrị ntinye aha (a ga-ebido ya) gaa na ndekọ /dev/mapper site n'enyemaka nke cryptsetup > ngwugwu.

Ntọala a chọrọ syntax ahịrị iwu a:

$ sudo cryptsetup luksOpen  /dev/LUKS_partiton  device_name

Ebe aha_ngwaọrụ nwere ike ịbụ aha nkọwa ọ bụla masịrị ya! ( Akpọrọ m ya aha nke m crypted_volume). Iwu n'ezie ga-adị ka egosiri n'okpuru.

$ sudo cryptsetup luksOpen  /dev/sdd1 crypted_volume

25. Wee chọpụta ma ọ bụrụ na edepụtara ngwaọrụ gị na /dev/mapper, ndekọ aha, njikọ ihe atụ na ọkwa ngwaọrụ.

$ ls /dev/mapper
$ ls –all /dev/mapper/encrypt_volume
$ sudo cryptsetup –v status encrypt_volume

26. Ugbu a, n'ihi na-eme nkebi ngwaọrụ n'ọtụtụ ebe dị elu ugwu ya na gị usoro n'okpuru a ugwu ebe iji ugwu iwu.

$ sudo mount  /dev/mapper/crypted_volume  /mnt

Dị ka a pụrụ ịhụ na nkebi na-ndokwasa na inweta maka ide data.

27. Iji mee ka ọ ghara ịdị naanị bupụ ya na sistemụ gị wee mechie ngwaọrụ ahụ.

$ sudo umount  /mnt
$ sudo cryptsetup luksClose crypted_volume

Kwụpụ 3: Ugwu nkebi na-akpaghị aka

Ọ bụrụ na ị na-eji diski siri ike ma chọọ akụkụ abụọ ahụ ka etinyere ya na-akpaghị aka mgbe ịmalitegharịa, ị ga-agbaso usoro abụọ a.

28. Mbụ dezie faịlụ /etc/crypttab wee tinye data ndị a.

$ sudo nano /etc/crypttab

  1. Aha ebumnuche: Aha nkọwa maka ngwaọrụ gị ( lee n'elu isi 22 na EXT4 LUKS)
  2. Mbanye isi iyi: Nkebi diski ike haziri maka LUKS ( lee n'elu isi 21 na EXT4 LUKS ).
  3. Faịlụ igodo: Họrọ ọ nweghị
  4. Nhọrọ: Kwupụta luks

Ahịrị ikpeazụ ga-adị ka egosiri n'okpuru.

encrypt_volume               /dev/sdd1          none       luks

29. Mgbe ahụ dezie /etc/fstab wee kọwaa aha ngwaọrụ gị, ebe ugwu, ụdị faịlụ na nhọrọ ndị ọzọ.

$ sudo nano /etc/fstab

N'ahịrị ikpeazụ jiri syntax na-esonụ.

/dev/mapper/device_name (or UUID)	/mount_point     filesystem_type     options    dump   pass

Tinyekwa ọdịnaya gị akọwapụtara.

/dev/mapper/encrypt_volume      /mnt    ext4    defaults,errors=remount-ro     0     0

30. Iji nweta ngwaọrụ UUID jiri iwu a.

$ sudo blkid

31. Iji tinyekwa ụdị nkebi nke NTFS emebere na mbụ jiri otu syntax dị n'elu na ahịrị ọhụrụ na fstab ( Ebe a na-eji faịlụ mgbakwunye Linux append redirection).

$ sudo su -
# echo "/dev/sdd5	/opt	ntfs		defaults		0              0"  >> /etc/fstab

32. Iji nyochaa mgbanwe reboot igwe gị, pịa Tinye mgbe “Starting configure network device” buut ozi wee pịnye ngwaọrụ gị passphrase.

Dị ka ị na-ahụ ma akụkụ diski ka etinyere ya na akpaghị aka na usoro sistemụ faịlụ Ubuntu. Dịka ndụmọdụ, ejikwala mpịakọta ezoro ezo na akpaghị aka site na faịlụ fstab na sava dịpụrụ adịpụ ma ọ bụrụ na ịnweghị ike ịmegharị usoro maka ịnye paswọọdụ olu gị ezoro ezo.

Enwere ike itinye otu ntọala ahụ na ụdị mgbasa ozi mbughari niile dị ka mkpanaka USB, ebe nchekwa Flash, diski ike mpụga, wdg maka ichekwa data dị mkpa, nzuzo ma ọ bụ nke nwere mmetụta ma ọ bụrụ na eavesdropping ma ọ bụ izu ohi.