|
|
|
|
|
|
Tips and Tricks |
This section describes some tricks you may use to make BestCrypt more convenient and close to your needs. As well, it may uncover some not so obvious ways of using the software. Everyone is welcome to participate in the "Tips and Tricks" section! Feel free to write us to support@jetico.com
- Encrypted Home Directory
- Encrypted Home Directory made easy New
- Runtime configuration
- Encrypted Floppy
- Container hidden under its mountpoint
- Encrypted swap space
|
 |
- Make new container outside your home directory
[foo@bar ]$ bctool new /cont/myhome -s 100M -a blowfish
Enter password: <passwords will not be displayed>
Verify password: <passwords will not be displayed> - Format it using ext2 filesystem
[foo@bar ]$ bctool format /cont/myhome -t ext2
Enter password: <passwords will not be displayed>
[mkfs.ext2 output is not displayed here] -
Mount it on any mount point
[foo@bar ]$ bctool mount /cont/myhome $HOME/mnt
Enter password: <passwords will not be displayed> -
Copy all nessesary files to container
[foo@bar ]$ cp /etc/skel/.* $HOME/mnt/
- Add the following lines to $HOME/.profile or $HOME/.bash_profile
or $HOME/.login
depending on the shell you use:
bctool mount /cont/myhome $HOME/ cd
- Add the following liness to $HOME/mnt/.logout or $HOME/mnt/.bash_logout
depending on the shell you use:
[foo@bar ]$ cd / bctool umount $HOME/
- Unmount container and log off:
[foo@bar ]$ bctool umount $HOME/mnt
[foo@bar ]$ logout - Log on. Type password of your container and enjoy.
Examples of .bash_profile and .bash_logout from Andrew Daviel
|
|
- Current runtime configuration file image can be found under /proc/bcrypt
|
|
- Initialize floppy:
[foo@bar ]$ bctool new /dev/fd0 -a blowfish
Warning: All data on specified block device will be lost! Continue? (y/[n]):y
Enter password: [passwords will not be displayed]
Verify password: [passwords will not be displayed] - Format floppy:
[foo@bar ]$ bctool format /dev/fd0 -t minix
Enter password: [passwords will not be displayed]
480 inodes
1438 blocks
Firstdatazone=19 (19)
Zonesize=1024
Maxsize=268966912 - Mount it:
[foo@bar foo]$ bctool mount /dev/fd0 ~/floppy/
Enter password: [passwords will not be displayed] - Do anything You want...
[foo@bar ]$ df ~/floppy/
Filesystem 1024-blocks Used Available Capacity Mounted on
/dev/fd0 1419 1 1418 0% /home/foo/floppy
.......................... .......................... - Unmount floppy
[foo@bar ]$ bctool umount ~/floppy/
|
|
- You can easily mount BestCrypt container on it's parent directory. Please make sure that your 'pwd' not located below that mountpoint
Contents of /home/mnt directory will be replaced by the files, stored in the container file. You will get all the regular files, earlier shown in the parent directory, hidden, including the container file itself!
Do not forget to setup appropriate access rights to mountpoint to prevent unauthorized access to your data.
[foo@bar ]$ bctool mount /home/mnt/my_data.jbc /home/mnt
|
|
BestCrypt's Encrypted Swap facility should be used in order to prevent sensitive data leaks via swap file.
- First, continuous storage space should be allocated. I can be either
- Block device (partition), or
- Any continuous file.
[foo@bar ]$ dd if=/dev/zero of=my_swap_file bs=1k count=1024
- Next, link your storage to free BestCrypt device in raw mode.
Using random password is recommended.
[foo@bar ]$ bctool raw_link my_swap_file /dev/bcrypt1 -p
or
[foo@bar ]$ bctool raw_link /dev/hdd3 /dev/bcrypt1 -p - Finally, initialize and activate your newly created swap space:
[foo@bar ]$ mkswap /dev/bcrypt1
[foo@bar ]$ swapon /dev/bcrypt1
|
|
|
|
|
|
|
|