Doesn't the ubiquity installer allow for nearly full disk (minus /boot) encryption via LUKS?
I still stand by my previous post. At the time I first set out to encrypt BT I was unable to find any other guides which dealt specifically with encrypting BT. In the process of figuring it out myself I had gone through the process many times and took careful notes about what I did. At the end, I found myself with a set up very different from the single encrypted partition I have outlined in my guide. This accounts for some (not all) of the problems others have had. I did address this fact in the guide itself and said I would be happy to try and fix any problems that may arise due to this. I'll be the first to admit that it is not written as best it can. However, I lack the time to sit down and go through the whole process myself until it is absolutely perfect these days. If anyone would like to do this, please, go right ahead.Originally Posted by Barry
Wyze called my guide a "big bucket of fail" without making any attempt to improve it. Additionally, judging by previous comments, it has obviously helped some. Again, wyze, if you would like to point out what problems you see with the guide I would be more than happy to address them.
Doesn't the ubiquity installer allow for nearly full disk (minus /boot) encryption via LUKS?
As far I know, the Ubiquity in BT4 PF does not support encryption. (Where the encryption option normally is, is not there.)
I've not tried to use the newer versions from Ubuntu, but the one in BT4PF doesn't have that option. I also think the encryption in the newer Ubuntu disks is a script and not really ubiquity.
I know the Ubuntu 9.04 alternate install CD has encryption capabilities but not the regular desktop installer cd. Given that the alternate cd has it, we could very well see encryption capabilities built in to the install cd of an upcoming release. Fedora's main install cd has had encryption capabilities standard since at least version 10 (almost a year ago).
/me puts on gloves...
Actually, I'm an 11 year old kid.
Ahem... then why bother writing an actual HOWTO entitled "HOWTO: BT4 Pre-Final Full Disk Encryption"??? A bit redundant, don't you think? 0o
Tell that to the members whom will have potentially destroyed the data on their drives and/or wasted a fair amount of time with your failed HOWTO. Even with the other users' input, you have failed to update it. I don't think there can be anything more constructive for the good of the other forums members and passerbys then to shoot you straight.
Furthermore, I've been here for a couple of years, so I don't quite see where you think you can get off by telling me to "go somewhere else", and comments are far from idiotic in reference to this topic.
Precisely the _main_ reason I spoke up.
THEN WHY BOTHER WRITING A "HOWTO" AT ALL ?? Half a$$ isn't acceptable for writing a HOWTO.
So now you would like someone to finish the incomplete HOWTO you wrote, which you admit you: 1) do not really have the knowledge to write on the subject and 2) do not have the time to put in effort to ensure completeness and accuracy, ensuring other forum members to not mess up their hardware?
Is this an accurate assessment?
That is correct. A HOWTO should be pretty bug free, less a typo or two.
First off.. {do,would,could} you have the time in the first place???
Ok, here goes:
Don't write HOWTO's on this forum, especially a HOWTO that affects someone's HDD unless your pretty damned confident that it will work from A to Z in the steps that you outline. Minor typos aren't that big of a deal, especially when they are non-trivial, but come on - this HOWTO is far from complete.
If you don't have the time to ensure that your guide is fairly concise, don't write one! .. that should be a no brainer, capiche?
So getting back to our statement of "gives you the appearance of a twelve year old kid", is it fair to say that this thread "gives you the appearance of a lazy middle-aged man"?
dd if=/dev/swc666 of=/dev/wyze
While i thank you for your time and some of the knowldge you posted ESC201, im going to have to agree with wyze.
Of all the How-To's to write and post here this is the #1 to NOT screw up. Personally i have listened to 2 people on irc bitch about how your method didnt work. I doubt any of them lost any data but thats besides the point as they surly lost time.
Im all for "learning by doing" but something as critical as disk encryption is NOT something we need to figure out as we go along. I understand where you are comming from by doing this by memory, however this simply isnt the guide for it no matter how usefull your info might be to someone else.
Anyone else wants to do a writeup of the proper method from start to finish after TESTING IT FIRST feel free, if not ill get around to it in a few days and we can burry this thread.
Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.
With the intention of trying to stop this from turning into a full on flame war, let me say the following:
ESC201, if this is not intended to be a guide that a person can follow step by step without having to think too much or perform their own testing, you should make this very clear to the reader. In the first post, right up the top and in bold. With big disclaimers about how this could potentially hose their system and they better know what they are doing and what they are getting into. If this is not meant to be a "no-brainer" then be sure that you don't misrepresent it as such - even by omission of a crystal-clear statement to the contrary. Because a no-brainer is exactly what most readers will expect if not told otherwise.
While wyze could have potentially made his points in a slightly less churlish manner, they are still valid points.
Everyone has been reasonably well behaved so far, but I'm going to ask nicely for people not to let this thread degenerate any further otherwise I will have to close it
Thanks
Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".
The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.
Comments on this tutorial.
I took the time to dissect what you have done in the hopes that you will make it better. In the meantime I must say that is should be known that you are the sole party responsible for supporting, fixing, maintaining, evolving this tutorial.
I have left any and or all spelling mistakes as they are but where grammar can (or has made) make an effect, I have offered a fix or another means of making the statements.
Could I not use the actual BT dvd to do the same thing? Some people have limited bandwidth for downloading and will be reluctant to go this route.I recommend popping in a gparted live cd now and partitioning you hdd as you see fit.
This is a multiple choice sentence, while rare in the English language they do exist.I’m writing this guide for a single boot BT install but I have my system set up with a dual, tri or even quad boot.
You have dual, tri, or even quad boot setup on one computer? If it is not relevant to the task at hand then get rid of it.
So what did you do ? Maybe you have something cool that the other kids want too.Thus, what I did is slightly different from the guide
Well since you teased me and piqued my interest where can I find out about these commands?You can also add encrypted swap or separate home/root partitions. The commands are essentially the same, there's just a few more of them.
Why not? Again if it is not relevant then leave it out.I'm writing this more of a basic disk encryption guide, not an encyclopaedia of how to do every type of encryption line by line.
So here we got started but the first step in getting started is optional?1.) OPTIONAL
Might be better to either make it mandatory in your tutorial or put it at the end as a note.
*NOTE before starting this tutorial if you have a drive that has been used before then one can overwrite the data using DD or some other such tool. Where dd is a link maybe? Not to mention one should really do a dd and then make the new partitons.
But I thought we already deleted everything?3.) EVERYTHING in the partition WILL BE DELETED.
This warning although I understand what you meant with it maybe someone else will not. It really isn't needed.
Again leave this out or leave a reference to where I can find said commands.If you are familiar with luks or want some more security, modify the above command to increase the key length, etc. I’m not going into that.
Is there a reason I would not want to encrypt those partitions?If you also use a swap or separate home partition, make sure you run that command on each of those if you want them encrypted.
Don't advise people to experiment in the middle of a tutorial save that for the end or leave it out all together if you are unsure of the results because then you are expected to support it.4.)let’s format it as ext3. (If anyone tries ext4, let me know how it goes, I’m curious to see if it works or not.)
Don't make assumptions.–O extent makes it faster or something, I’m not sure.
If you don't know then don't talk about it.
Again it would be best if you leave things out in which you have no idea about.Just fyi, the reason I say to use the gui installer rather than doing a copy from the command line is simply that it would take more commands to fix what would get screwed up. However, for those that insist on installing their system via terminal, you can try the below commands. I have not tested these at all thus, I have no idea of they work or not. If you do do it this way you may skip step six. Thanks to floyd for posting the basis of these commands.
If not what do I do know?6.) hopefully the installer completed successfully. If so, stay in the live cd;
This is not a work around but something different to what you have.If you had problems with this step, floyd has posted the following workaround.
Might want to discover the differences between the two and use one or the other.
Leave out the run apt-get update until you are complete with the tutorial itself. No need to add more potential problems.From here you can run apt-get update if you want.
Is this the only way to find out if these tools are available ? There is probably a better way than running apt-get?Also, they should already be installed but just to make sure you can do a “apt-get install cryptsetup initramfs-tools”. You'll get errors later if they aren't installed.
How do I add them?9.) we need to add a few kernel modules into the /etc/initramfs-tools/modules file. This tells what kernel modules we want loaded at boot. Add these lines to that file…
Another line that probably should not be here. If you don't know then look it up or run the experiment to find out.I don't believe these are all necessary but it doesn't hurt to have them in there.
Or just don't give an option to the reader.
What does this have to do with anything then? Or did you not do this on BT4?I get an error when it tries to create an initrd file for kernel 2.6.29.3 but BT4 comes with 2.6.29.4 so as long as you get no errors on the initrd for 2.6.29.4 you should be good. It may take a few seconds to do this.
This is something that should be checked before leaving the live cd environment.Note on the grub-install command, the end /dev/sdX is the drive, not the boot partition (eg, /dev/sda, not /dev/sda1).
If you recieve the error "/dev/sdX does not have any corresponding BIOS devices" pivot back to the live cd and run this
So this step either needs to be moved up or it needs to be eliminated.
Which begs the questions why did your write this if you did not test it beforehand?Also note that I am using a slightly different set up on my system so I haven’t tested this step line by line personally;
It's no wonder you have recieved criticism.
How do I "Pivot" by typing exit or what ?Alright. Pivot back to the live cd (type exit)
Thats what you have in this sentence. But it is not what you mean.
Also the link does not work for your usb encryption tutorial.
Post number 7 I think in your thread references that tutorial again and talks in great depth about it.
I would leave that for the other thread. Users will read the thread and some of them may get confused with the terms.
Again this is not to discourage you in anyway but rather get you to take your work more seriously and have means to help better it.
Look you are on a forum with many professionals ( yeah there are some itards as well but we generally weed them out rather fast)as such most of them are not going to stand for less than the best (or perfection).
So take all of it in stride and move forward.
To be successful here you should read all of the following.
ForumRules
ForumFAQ
If you are new to Back|Track
Back|Track Wiki
Failure to do so will probably get your threads deleted or worse.
Posting Permissions