Home Unlabelled HOWTO : Encrypt/Decrypt BackTrack 5 R2 with Passphrase

HOWTO : Encrypt/Decrypt BackTrack 5 R2 with Passphrase

By
Friday, March 09, 2012
Read
Add Comment
Credit to : Infosec Ramblings and Hak5.org



Step 1 :



The hard drive partitioning is as the following :



/dev/sda1 for /boot

/dev/sda5 for /



Assume the hard drive is band new.



fdisk /dev/sda

n

p

1

+4G

n

e

2

n

l

p

w



* where +4G is set to 4GB for the /dev/sda1 as /boot. You can set it to +1024M or smaller.



Step 2 :



cryptsetup -y -c aes-xts-plain -s 512 luksFormat /dev/sda5

cryptsetup luksOpen /dev/sda5 haktop



* where haktop is the device label



Step 3 :



mkfs.ext2 /dev/sda1

mkfs.ext4 /dev/mapper/haktop



Step 4 :



Install BackTrack 5 R2 as is. However, select custom partitioning. Do not format the partitions. Select /dev/mapper/haktop as ext4 and / while select /dev/sda1 as ext2 and /boot.



Make sure the bootloader is installed at /dev/sda.



Step 5 :



Once the installation is completed, select "Continue testing" and do not reboot the system.



mkdir /mnt/haktop



mount /dev/mapper/haktop /mnt/haktop/

mount /dev/sda1 /mnt/haktop/boot



chroot /mnt/haktop/



mount -t proc proc /proc

mount -t sysfs sys /sys/



Step 6 :



Get the UUID of sda5 by opening another terminal :



blkid /dev/sda5



Copy down the UUID of the /dev/sda5.



nano /etc/crypttab



haktop /dev/disk/by-uuid/ none luks



Step 7 :



nano /usr/share/initramfs-tools/scripts/local-top/cryptroot



Locate the following :



# Try to get a satisfactory password $crypttries times

   count=0

   while [ $crypttries -le 0 ] || [ $count -lt $crypttries ]; do



Change to :



count=0

echo "Unlocking the disk $cryptsource ($crypttarget)"

while [ $crypttries -le 0 ] || [ $count -lt $crypttries ]; do



Locate the following :



if [ -z "$cryptkeyscript" ]; then

   cryptkey="Unlocking the disk $cryptsource ($crypttarget)\nEnter passphrase: "

if [ -x /bin/plymouth ] && plymouth --ping; then



Change to :



if [ -z "$cryptkeyscript" ]; then

   cryptkey="Enter passphrase: "

if [ -x /bin/plymouth ] && plymouth --ping; then



Step 7a :



update-initramfs -u



fix-splash



Now, reboot the system. The bootup will halt at the wallpaper of BackTrack 5. Just press F8 and deleted the prompted "****" and then enter your passphrase to boot the system.



Or, you can just key in the passphrase when the bootup process is stopped at the wallpaper.



Step 8 : (Optional)



If you do not want to press F8, you can delete the "splash" from the following line.



nano /boot/grub/grub.cfg



Locate the following :



linux /vmliunx-3.2.6 root=/dev/mapper/haktop ro text splash vga=791



To make it look likes :



linux /vmliunx-3.2.6 root=/dev/mapper/haktop ro text vga=791



Then, you will be prompted for entering your passphrase on every boot up.



Step 9 :



After the system is boot up, it is required to create swap file.



dd if=/dev/zero of=/swapfile1 bs=1M count=8192



* Where count=8192 is 8GB



mkswap /swapfile1

chown root:root /swapfile1

chmod 0600 /swapfile1



swapon /swapfile1



nano /etc/fstab



/swapfile1 swap swap defaults 0 0



Then reboot the system.



See Also : HOWTO : Encrypt/Decrypt BackTrack 5 R2 with USB stick





That's all! See you.
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us