How does the triple des encryption work?Forum: User Feedback Topic: How does the triple des encryption work? started by: meo Posted by meo on May 16 2005,20:40
Hi!I thought the possibility of encrypting the backup-file would be a nice feature for me. Sometimes I have to deal with highly confidential information so it would come in handy. I've tried it out but when I reboot I'm not prompted to enter a password as I supposed. It just restores the backup.tar.gz just like before. Am I doing something wrong? When I type the password it is accepted so everything seems OK so far, but is it really encrypting the backup-file? I would appreciate any help with this. Thanks in advance! Have fun Y'all out there playing around with DSL, meo Posted by Caspar_s on May 16 2005,22:27
From the f3 menu: (or the text file in the iso...)dsl secure Prompt for root and dsl passwords dsl protect Password encrypted backup dsl host=xxxx Set hostname to xxxx And to check if it is working... try and open up the backup.tar.gz in emelfm or CLI. If it has been encrypted, it will need a password. Posted by roberts on May 17 2005,00:56
dsl protectprompts for a password and then creates a backup.des file or if a backup.des already exists and the password is correct then it will be restored. backup.tar.gz is unencrypted and probably an old one from prior use. Posted by meo on May 17 2005,07:13
Hi guys!Thanks for your replies! But it still doesn't encrypt the backup-file. I just tried it again to be sure. I booted from an original DSL-cd and issued following at the boot prompt: dsl protect xsetup. I subsecuently was prompted for a password and to reenter it. It didn't restore at this bootup. I rebooted and was not prompted for any password. My settings were automatically restored just as usual. I use a usb-drive for my backup and after several tries it still is a backup.tar.gz and nothing else. So what can be wrong? I've tried different setups but my backup-file doesn't get encrypted. I'm thankful for any comments that might be of help. As always have fun, meo Posted by roberts on May 18 2005,22:57
Meo, do we really have to have multiple treads on the same subject again?I saw this first post, but again not enough information is given. If you have no backup.des then you probably don't have a backup device specified via the backup/restore GUI or the actual file /opt/.backup_device. Try this: Boot up with your protect option When you get to the desktop. Click DSLpanel Click Backup/restrore Now tell me what DEVICE is displayed there? If nothing is there you must of course specify a DEVICE and not a mount point. Click backup and the backup.des is created. You can check it by mounting the device and taking a look. I thought that you normally run by boot from a cdrom with fromhd=/dev/sda1 qemu frugal and using the virtual device harddisk that is used by qemu. If this is still your configuration then specify "harddisk" as the device. Then mount /mnt/hdb and you will see the backup.des. Upon subsequent boots the option "protect" given the correct password will resotre from the backup.des file. You will always have to boot with protect to try to create or access a backup.des file. If you don't specify "protect" then the standard unencrypted backup.tar.gz will of course be used if one is available. You will not be prompted at the startup of restore to enter a password. It is done at boot time, or you can add the option "protect" to isolinux.cfg, syslinux.cfg. extlinux.conf, or grub as appropriate to your installation. Posted by meo on May 19 2005,12:18
Hi again!I'm truly sorry for any inconveniance I might have caused anyone (read roberts). The reason for which I made the other post is that I thought this thread was "dead" so to speak. I just assumed that people in the forum just would think that the problem was solved and case closed. The thing I didn't understand was that I had to restore my backup-file and then make a backup to get an encrypted backup.des file. I haven't found any information about that until I finally saw roberts's last post here. Therefore I thought the procedure was Knoppix-like. Just enter a password twice and press enter and that's it. So please forgive me for my ignorance in this matter and now I'll "get out of your hair" roberts, hopefully forever. I don't feel like asking about anything anymore. If I can help somebody with some piece of information that I have so be it. That's what Linux means to me: To willingly share information or knowledge that you might have with others without expecting to get paid for it. Thanks a lot! Have fun (I will anyway but I don't know about you), Best regards meo Posted by M.J. on May 21 2005,06:20
i must say,this function is very good for hiding yes |