Protecting Data with Encrypted Linux Partitions Part 2 - page 5
Adding Your Own Back Door
Ubuntu makes ingenious use of the
sudo command to allow unprivileged users to easily run as root when necessary. All they need is to be members of the
You may also give users the power to run only a single command that requires rootly powers by editing
/etc/sudoers. You must edit this file with
visudo. This example lets Pinball on the laptop Xena run the
visudo# /etc/sudoers # # pinball can use /etc/init.d/cryptdisks pinball xena=/etc/init.d/cryptdisks
For any Linux distribution that does not come with prefab init scripts, the nice folks who invented LUKS wrote a boot script to use. You won't need entries in
/etc/fstab if you use this script. Edit it so that it has your correct device names, then treat it like any other boot script. I like to use it the traditional way; put it in
/etc/init.d, then create startup links in
/etc/rc*.d for whatever runlevels I want.
It does not unmount or close the encrypted partition, so if you want to do this without shutting down you'll have to do it manually. Or, try this script at solsys.org. This gives you a single base command to remember for the most common
cryptsetup operations, such as creating a new encrypted partition, mounting and unmounting it, and creating and deleting passwords.
Solid state disks (SSDs) made a splash in consumer technology, and now the technology has its eyes on the enterprise storage market. Download this eBook to see what SSDs can do for your infrastructure and review the pros and cons of this potentially game-changing storage technology.
- 1Linux Top 3: RHEL 6.7, BackBox Linux 4.3 and RoboLinux 8.1
- 2Linux Top 3: SLES 11 SP4, Chromixium OS 1.5 and Canonical Licensing
- 3Linux Top 3: VirtualBox 5, Point Linux 3.0 and OpenSUSE Leap 42.x
- 4Linux Top 3: Linux 4.2 rc1, 4MLinux 13 and antiX15
- 5Linux Top 3: Linux Mint Rafaela, OpenMandriva Lx 2014.2 and VectorLinux 7.1