this post was submitted on 29 Feb 2024
23 points (92.6% liked)


I'm setting up FDE and wonder which one is better: "LVM over LUKS" or "LUKS over LVM"? Or something else? Is one definitely better than the other? What is your preference?

Thanks.

[–] TMP_NKcYUEoM7kXg4qYe 0 points 7 months ago* (last edited 6 months ago) (12 children)

From the info I've gathered, it seems that LUKS over LVM is the "proper" way, as ideally you'd only want to encrypt swap, /tmp and /var. (/tmp and /var are places for temporary files, i.e. opening a .zip archive. Swap is just RAM on your hard drive, so a place where your passwords could be stored.) Encrypting the root (equivalent of "program files" in Windows) won't make your system more secure, just slower. (If you live in a place where you need to keep the list of your installed apps private, you'd probably be fricced by using encryption anyways.) Home directory should obviously be encrypted ~~but for the best performance you should use file level encryption instead of block level.~~ Edit: Do your own research on the performance; a reply claims otherwise, though leaving the root partition unencrypted obviously increases R/W speed.

The thing is that setting it up this way is pretty hard, so distros generally use 2 easier methods to set up encryption: either encrypt the whole disk (LVM over LUKS) or encrypt only the home directory. I wonder whether the latter is secure enough though. Mint, for example, does not explicitly state that swap, /var and /tmp are encrypted when you select "encrypt home directory", but on Cinnamon there is no hibernation option, so there is a chance that swap is encrypted, just with a one-time password, which gets generated on boot and deleted after shutdown. <--- citation needed... Edit: I've just tried hibernating in Mint without FDE and it didn't work, you just get a new session after resuming, so that's good.

Relevant article: https://www.linuxinsider.com/story/the-case-against-full-disk-encryption-86774.html

also: https://wiki.archlinux.org/title/Data-at-rest_encryption#Block_device_vs_stacked_filesystem_encryption
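
An added example, not part of the comment above: one way to check which mountpoints (and swap) actually sit on an encrypted device, and whether the stack is "LVM over LUKS" or "LUKS over LVM". It walks the tree printed by `lsblk -J -o NAME,TYPE,MOUNTPOINT`; the sample JSON is constructed, and the function names and layout labels are this example's own.

```python
import json

# Constructed sample of `lsblk -J -o NAME,TYPE,MOUNTPOINT` output (not from the thread):
# sda is LUKS over LVM with an unencrypted root, sdb is LVM over LUKS.
SAMPLE = """
{"blockdevices": [
  {"name": "sda", "type": "disk", "mountpoint": null, "children": [
    {"name": "sda1", "type": "part", "mountpoint": "/boot"},
    {"name": "sda2", "type": "part", "mountpoint": null, "children": [
      {"name": "vg0-root", "type": "lvm", "mountpoint": "/"},
      {"name": "vg0-swap", "type": "lvm", "mountpoint": null, "children": [
        {"name": "cryptswap", "type": "crypt", "mountpoint": "[SWAP]"}]},
      {"name": "vg0-home", "type": "lvm", "mountpoint": null, "children": [
        {"name": "crypthome", "type": "crypt", "mountpoint": "/home"}]}]}]},
  {"name": "sdb", "type": "disk", "mountpoint": null, "children": [
    {"name": "sdb1", "type": "part", "mountpoint": null, "children": [
      {"name": "cryptdata", "type": "crypt", "mountpoint": null, "children": [
        {"name": "vg1-data", "type": "lvm", "mountpoint": "/data"}]}]}]}
]}
"""

def classify(chain):
    """Name the layout from the device-type chain, ordered disk -> mounted device.

    lsblk reports every dm-crypt mapping as type "crypt", so a random-key
    swap mapping counts as encrypted here just like a LUKS volume does.
    """
    if "crypt" not in chain:
        return "unencrypted"
    if "lvm" not in chain:
        return "encrypted, no LVM"
    return "LVM over LUKS" if chain.index("crypt") < chain.index("lvm") else "LUKS over LVM"

def audit(lsblk_json):
    """Map each mountpoint (swap appears as "[SWAP]") to the layout beneath it."""
    result = {}
    def walk(node, chain):
        chain = chain + [node["type"]]
        if node.get("mountpoint"):
            result[node["mountpoint"]] = classify(chain)
        for child in node.get("children", []):
            walk(child, chain)
    for dev in json.loads(lsblk_json)["blockdevices"]:
        walk(dev, [])
    return result

if __name__ == "__main__":
    for mount, layout in sorted(audit(SAMPLE).items()):
        print(f"{mount:8} {layout}")
```

On a real machine, pass the output of `lsblk -J -o NAME,TYPE,MOUNTPOINT` to `audit()` instead of `SAMPLE`; any swap, /tmp, /var or /home entry reported as "unencrypted" is stored in the clear.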

[–] [email protected] 4 points 7 months ago (9 children)

I thought FDE is to thwart physical access to exfiltrate and/or recover data. Making the root partition unencrypted surely will boost performance, but I feel like this opens up an additional avenue for an attacker to exploit and defeats the purpose of doing FDE? It isn't just making "installed apps private" but literally replacing some binaries with backdoored versions, which then enable access to decrypted data.

[–] TMP_NKcYUEoM7kXg4qYe 0 points 7 months ago* (last edited 7 months ago) (8 children)

If an attacker has physical access to your device, you should not use the device afterwards, ever. There are some mitigations like Secure Boot and Heads OS, but they only slow down the attacker. Given enough time, you cannot stop him. Heads OS is pretty much for giving your laptop to airport security temporarily, and Secure Boot has been hacked in a minute. Although that was using a TPM outside of the CPU, I would not trust Secure Boot with TPM 2.0 for anything other than a quick customs check either.

Using FDE as a protection against physical attacks is just a false sense of security. VeraCrypt, for example, goes as far as to say that Secure Boot is a false sense of security.

For maximum paranoia there is a use for FDE, though. If you install a crappy app that saves data outside of RAM, /home, /var and /tmp, the data won't get leaked. Though that would be a massive security issue because most Linux computers are servers which cannot use FDE.

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago) (1 children)

The most common physical attacks will be you misplacing your device or some friend/burglar/cop taking it. FDE works great in those scenarios.

[–] TMP_NKcYUEoM7kXg4qYe 1 points 6 months ago

Not really, rewriting the boot sector with your malware can be scripted so even the average burglar could use it. Using a previously stolen laptop without reflashing the firmware or something similar isn't worth the risk imo.
