HOWTO : Encrypt/Decrypt BackTrack 5 R2 with USB stick
Credit to : Hak5.org
Step 1 :
To check the device label :
*** Where
Step 2 :
To format the following devices with linux format :
Step 3 :
Step 4 :
*** Where
Step 5 :
Install BackTrack 5 R2 as usual. However, do not format the partitions. Select
After that, make sure the bootloader is installed at
Step 6 :
Once the installation is completed, select "
Make sure the keys are different.
Step 7 :
Step 8 :
Step 9 :
After that, boot BackTrack 5 R2 from the USB stick. It will drop to the busybox.
At the busybox, enter the following commands to unlock the partition. You are required to enter these commands on every boot up.
Then press
Step 10 :
After the system is boot up, it is required to create swap file.
* Where count=512 is 512M
Then reboot the system.
Remarks :
You are required to enter these commands on every boot up.
See Also : HOWTO : Encrypt/Decrypt BackTrack 5 R2 with Passphrase
That's all! See you.
Step 1 :
To check the device label :
sfdisk -l /dev/sda
sfdisk -l /dev/sdc
*** Where
sda
is my hard drive and sdc
is the USB stickStep 2 :
To format the following devices with linux format :
fdisk /dev/sda
d
n
p
1
p
w
fdisk /dev/sdc
d
n
p
1
p
w
Step 3 :
dd if=/dev/sdc bs=1 count=64 skip=32 of=/tmp/first.key
cryptsetup -c aes-xts-plain -s 512 luksFormat /dev/sda1 /tmp/first.key
cryptsetup -d /tmp/first.key luksOpen /dev/sda1 mylaptop
ls /dev/mapper
Step 4 :
mkfs.ext2 /dev/sdc1
mkfs.ext4 /dev/mapper/mylaptop
*** Where
mylaptop
is the label of the device.Step 5 :
Install BackTrack 5 R2 as usual. However, do not format the partitions. Select
/dev/mapper/mylaptop
as ext4
and /
. Then, select /dev/sdc1
as ext2
and /boot
.After that, make sure the bootloader is installed at
/dev/sdc
Step 6 :
Once the installation is completed, select "
Continue testing
" and do not reboot.dd if=/dev/sdc bs=1 count=64 skip=32 of=/tmp/second.key
Make sure the keys are different.
sha1sum /tmp/*key
Step 7 :
cryptsetup -d /tmp/first.key luksAddKey /dev/sda1 /tmp/second.key
mkdir /mnt/mylaptop
mount /dev/mapper/mylaptop /mnt/mylaptop/
mount /dev/sdc1 /mnt/mylaptop/boot
chroot /mnt/mylaptop/
mount -t proc proc /proc
mount -t sysfs sys /sys/
Step 8 :
nano /etc/crypttab
blkid /dev/sda1
mylaptop /dev/disk/by-uuid/ none luks
nano /etc/fstab
/dev/sdb1 /boot ext2 defaults 0 2
Step 9 :
After that, boot BackTrack 5 R2 from the USB stick. It will drop to the busybox.
At the busybox, enter the following commands to unlock the partition. You are required to enter these commands on every boot up.
dd if=/dev/sdb bs=1 count=64 skip=32 of=/tmp/mykey.key
cryptsetup -d /tmp/mykey.key luksOpen /dev/sda1 mylaptop
Then press
Ctrl-D
to continue the boot process.Step 10 :
After the system is boot up, it is required to create swap file.
dd if=/dev/zero of=/swapfile1 bs=1M count=512
* Where count=512 is 512M
mkswap /swapfile1
chown root:root /swapfile1
chmod 0600 /swapfile1
swapon /swapfile1
nano /etc/fstab
/swapfile1 swap swap defaults 0 0
Then reboot the system.
Remarks :
You are required to enter these commands on every boot up.
dd if=/dev/sdb bs=1 count=64 skip=32 of=/tmp/mykey.key
cryptsetup -d /tmp/mykey.key luksOpen /dev/sda1 mylaptop
See Also : HOWTO : Encrypt/Decrypt BackTrack 5 R2 with Passphrase
That's all! See you.