Encrypted volume interaction with Windows...
John Richard Moser
nigelenki at comcast.net
Mon Dec 17 20:50:06 UTC 2007
Fabian Rodriguez wrote:
> John Richard Moser wrote:
>> External hard disks and flash drives using NTFS or FAT32 work in Linux
>> or Windows now. The FreeOTFE program allows Windows to access a LUKS
>> partition (NOT LVM) as well. Logically, it would help users with
>> encryption needs to have a tool in GNOME to create LUKS-encrypted USB
>> flash or hard drives, and request/change the key (file? Or just
>> password?) when gnome-volume-manager detects them.
> Accoding to their website, Explore2fs supports LVM2:
> Once LVM2 is accessible/readable, then you need to setup the additional
> layer of tool(s) for enc/decryption of the volume. I am not familiar
> with the newer encrypted LVM layouts but I thought this may be the right
> path to follow.
Why LVM a 4GB USB flash drive (or even a 500GB USB hard drive)?
Although I can see the argument if you (for some reason) put a FAT drive
inside the LVM.
LVM uses LUKS encryption. Once you can read the raw partition as normal
in Windows, FreeOTFE (Open source) will let you mount a LUKS device if
you have a PASSWORD (not key file.. ugh, kick them for that) for it. So
in theory, yes, once Windows can read LVM2, it can also get at the
encrypted disk if you have the password.
In the case of Ubuntu, though, it works opposite what you said. The
whole LVM has one password; as I understand, it's a LUKS volume with LVM
inside the encrypted space, not an LVM with LUKS partitions. So yeah,
FreeOTFE first, then Explore2fs (if it works as advertised... I haven't
Of course, for most cases, why not just encrypt the disk as a disk or
partition on a removable hard disk? LVM even on a huge USB disk doesn't
make sense to me...
> Let us know what you find out.
Bring back the Firefox plushy!
More information about the Ubuntu-devel-discuss