== Ubuntu Open Week - Private Directories - Dustin Kirkland - Tue, Nov 4th, 2008 ==
{{{
(04:00:31 PM) kirkland: Howdy all!
(04:00:41 PM) cyphermox: howdy!
(04:00:58 PM) ***popey encrypts his greeting before storing it in ~/Private
(04:01:00 PM) kirkland: I'm here to talk about a fancy new feature in Ubuntu Intrepid Ibex ... Encrypted Private Directories
(04:01:18 PM) kirkland: popey: are you doing introductions?
(04:01:31 PM) popey: no, you go right ahead
(04:01:36 PM) kirkland: righto....
(04:02:01 PM) kirkland: so the executive summary of usage looks like this....
(04:02:11 PM) kirkland: On an Intrepid system....
(04:02:19 PM) kirkland: $ sudo apt-get update
(04:02:27 PM) kirkland: $ sudo apt-get install ecryptfs-utils
(04:02:33 PM) kirkland: $ ecryptfs-setup-private
(04:02:49 PM) kirkland: You will be prompted for your *login* password (the one that you use to login to your system)
(04:02:59 PM) kirkland: And then, you will be prompted for a *mount* passphrase
(04:03:09 PM) kirkland: this should be different from your login passphrase
(04:03:22 PM) kirkland: optionally, you can let ecryptfs-setup-private generate this from /dev/urandom
(04:03:42 PM) kirkland: that will ensure a long, difficult to guess (but equally difficult to remember) mount passphrase
(04:04:04 PM) kirkland: in either case, it's absolutely ***essential*** that you print that out, or write it down and store it somewhere safe
(04:04:14 PM) kirkland: like a safety deposit box, or something ;-)
(04:04:46 PM) kirkland: if you lose that passphrase, you will not be able to access your encrypted data if you have to recover it manually later
(04:04:49 PM) kirkland: okay........
(04:05:09 PM) kirkland: so once you've done that, you should be able to logout of your system, and log back in
(04:05:30 PM) kirkland: that's via ssh, console, or even graphical desktop clients, in Gnome, KDE, XFCE
(04:05:40 PM) kirkland: here's where the magic happens....
(04:05:57 PM) kirkland: when you installed ecryptfs-utils, it inserted a new module into the PAM stack
(04:06:03 PM) kirkland: pam_ecryptfs
(04:06:14 PM) kirkland: you can see it if you 'grep pam_ecryptfs /etc/pam.d/*'
(04:06:48 PM) kirkland: whenever you give your login password, pam_ecryptfs will take that password, and use it to decrypt a file, ~/.ecryptfs/wrapped-passphrase, which contains that mount passphrase
(04:07:22 PM) kirkland: once that mount passphrase is obtained, pam_ecryptfs will call /sbin/mount.ecryptfs_private
(04:07:42 PM) kirkland: /sbin/mount.ecryptfs_private is a special utility, that is installed with "setuid" capabilities
(04:08:07 PM) kirkland: this allows it to elevate your privileges from a normal user, to the root user for one particular operation....
(04:08:10 PM) kirkland: doing a "mount"
(04:08:34 PM) kirkland: so mount.ecryptfs_private will do a few things ...
(04:08:58 PM) kirkland: it will first check that the mount passphrase that was decrypted with your login passphrase *is* the correct mount passphrase
(04:09:29 PM) kirkland: it does this by looking at the "signature" of the passphrase, and compares that with another file, ~/.ecryptfs/Private.sig
(04:09:59 PM) kirkland: if these match, it will mount your ~/.Private directory on top of ~/Private using a special filesystem, called "ecryptfs"
(04:10:25 PM) kirkland: ecryptfs stands for "Enterprise Cryptographic Filesystem", and was developed by some of my former colleagues at IBM
(04:10:38 PM) kirkland: namely, Michael Halcrow, and Tyler Hicks
(04:10:54 PM) kirkland: i chose ecryptfs for a couple of reasons
(04:11:34 PM) kirkland: however, I will note that the same principles I used to deliver Encrypted Private Directories could be used with any one of a number of other cryptographic filesystems
(04:12:06 PM) kirkland: for one thing, ecryptfs is in the Linux Kernel, and has been there since the 2.6.19 release (they're currently on 2.6.28)
(04:12:33 PM) kirkland: i believe that this gives it heavy exposure, in a number of different fields of computing and numerous distributions
(04:12:55 PM) kirkland: the code in there is heavily vetted, and while not perfect, there are plenty of experts working on it
(04:13:14 PM) kirkland: it's also not "going away" any time soon
(04:13:27 PM) kirkland: this is important to me, as I store some very important data in my ecryptfs mounts
(04:14:12 PM) kirkland: there are also some (theoretic) performance benefits of a filesystem implemented in the kernel, rather than userspace
(04:14:33 PM) kirkland: i put the "theoretic" in parentheses as I haven't tested this myself
(04:14:40 PM) kirkland: I'll leave that to someone else ;-)
(04:14:57 PM) kirkland: but it does simplify matters, and reduce context switches required
(04:15:14 PM) kirkland: the nice thing is that there are now cryptographic algorithms built into the kernel itself
(04:15:24 PM) kirkland: thus, ecryptfs really didn't implement any encryption
(04:15:32 PM) kirkland: that's a "good thing" from your point of view, i think
(04:16:04 PM) kirkland: cryptographic algorithms must be reviewed very, very thoroughly, and the ones already in the kernel have been
(04:16:29 PM) kirkland: in any case, there are other crypto filesystem methods out there
(04:16:33 PM) kirkland: encfs, is one
(04:16:39 PM) kirkland: truecrypt, is another
(04:16:43 PM) kirkland: dmcrypt is still another
(04:16:45 PM) kirkland: and so on
(04:17:06 PM) kirkland: another advantage of ecryptfs is that each file is individually encrypted in the underlying filesystem
(04:17:23 PM) kirkland: whereas with block-level encryption, the entire device is encrypted
(04:17:32 PM) kirkland: there are cases where perhaps this makes sense
(04:17:37 PM) kirkland: swap, for instance
(04:17:50 PM) kirkland: or, if you want to encrypt your entire hard drive (LVM encryption)
(04:18:07 PM) kirkland: however, there are a couple of disadvantages ....
(04:18:23 PM) kirkland: it's not really possible to incrementally backup a block-level encrypted device
(04:18:40 PM) kirkland: in my case, though, I can simply rsync -aP .Private to my remote storage
(04:19:15 PM) kirkland: and be assured that even the root user on that remote system (perhaps a co-lo, or a commercial backup site) won't be able to access my most sensitive data
(04:19:52 PM) kirkland: i will warn, however, that the ecryptfs implementation in the 2.6.27 kernel which is used in Intrepid does not yet encrypt filenames
(04:20:06 PM) kirkland: that's a known issue, we have a bug tracking it in Launchpad
(04:20:26 PM) kirkland: but mhalcrow is working on it, and has code being integrated in the kernel as we speak
(04:20:41 PM) kirkland: i think it's realistic to expect encrypted filenames in Jaunty
(04:20:57 PM) kirkland: this bothers some people, but it doesn't really bother me that much ....
(04:21:25 PM) kirkland: i posted a sample, encrypted id_rsa file, named as such, identified as an ssh private key to that bug
(04:21:41 PM) kirkland: if someone cracks that encryption, and can do it regularly, we have a problem on our hands ;-)
(04:21:53 PM) kirkland: but i trust the Linux kernel's built in encryption
(04:22:01 PM) kirkland: okay, question from the classroom....
(04:22:08 PM) kirkland: what happens with ecryptfs when you have automatic login user...
(04:22:21 PM) kirkland: that's a great one, and a bug that I actually spent all day yesterday fixing
(04:22:41 PM) kirkland: it should be in intrepid-proposed later today, and uploaded to intrepid soon after
(04:22:57 PM) kirkland: if you automatically login, you don't enter your password
(04:23:21 PM) kirkland: and so your Private directory won't automatically be mounted
(04:23:28 PM) kirkland: obviously, that's by design
(04:23:47 PM) kirkland: if all someone has to do is turn on your computer, then encrypted data isn't worth much
(04:23:57 PM) kirkland: so, i have a fix in the works ....
(04:24:16 PM) kirkland: basically, when you boot a system that automatically logs in
(04:24:38 PM) kirkland: you would open your "Private" folder using Nautilus or Konqueror, etc.
(04:25:00 PM) kirkland: and you won't see your data (yet), but you will see a link to an application that says
(04:25:04 PM) kirkland: "Access Your Private Data"
(04:25:17 PM) kirkland: this will run a program, /usr/bin/ecryptfs-mount-private
(04:25:29 PM) kirkland: which will prompt you for your login password, and mount your Private folder
(04:25:53 PM) kirkland: question from the audience:
(04:25:58 PM) kirkland: QUESTION: what sort of performance hit is there, anything noticeable?
(04:26:30 PM) kirkland: here are the contents of my Private directory:
(04:26:35 PM) kirkland: $ ls -alF Private/
(04:26:36 PM) kirkland: total 40
(04:26:36 PM) kirkland: drwx------ 10 kirkland kirkland 4096 2008-11-03 09:02 ./
(04:26:36 PM) kirkland: drwx------ 98 kirkland kirkland 4096 2008-11-04 14:28 ../
(04:26:37 PM) kirkland: drwx------  4 kirkland kirkland 4096 2008-10-03 10:23 Documents/
(04:26:38 PM) kirkland: drwxr-xr-x  9 kirkland kirkland 4096 2008-11-04 11:28 .evolution/
(04:26:40 PM) kirkland: drwx------  2 kirkland kirkland 4096 2008-11-04 14:29 .gnupg/
(04:26:41 PM) kirkland: drwx------  4 kirkland kirkland 4096 2008-02-14 06:59 .mozilla/
(04:26:43 PM) kirkland: drwx------  6 kirkland kirkland 4096 2008-11-04 15:25 .purple/
(04:26:45 PM) kirkland: drwx------  2 kirkland kirkland 4096 2008-10-28 13:02 .ssh/
(04:26:47 PM) kirkland: drwx------  4 kirkland kirkland 4096 2008-08-20 08:46 .Trash-1000/
(04:26:49 PM) kirkland: drwx------ 10 kirkland kirkland 4096 2008-11-02 20:08 .xchat2/
(04:26:57 PM) kirkland: I don't have any performance issues with any of those programs using encrypted Private
(04:27:03 PM) kirkland: that includes:
(04:27:05 PM) kirkland: Evolution
(04:27:08 PM) kirkland: GnuPG
(04:27:11 PM) kirkland: Firefox
(04:27:16 PM) kirkland: Pidgin
(04:27:19 PM) kirkland: SSH
(04:27:22 PM) kirkland: XChat2
(04:27:38 PM) kirkland: I don't do my development in there, though
(04:28:01 PM) kirkland: I would imagine something like compiling software would probably take a 10% performance hit, if i had to guess
(04:28:14 PM) kirkland: but, fortunately, i work on open source software, which isn't really secret :-)
(04:28:28 PM) kirkland: that brings up a very good point ....
(04:28:46 PM) kirkland: another motivation for using an Encrypted Private Directory is a performance one ...
(04:28:59 PM) kirkland: you can choose to install your entire system to an encrypted LVM
(04:29:10 PM) kirkland: and then, all of your data on your entire hard drive is encrypted
(04:29:23 PM) kirkland: but there almost certainly is a performance penalty for doing this
(04:29:38 PM) kirkland: to run anything in /usr/bin, or access libraries in /lib, or configuration files in /etc ...
(04:29:46 PM) kirkland: all of that takes decrypt operations
(04:29:52 PM) kirkland: and writing data does too
(04:30:20 PM) kirkland: with an Encrypted Private Directory, you consciously choose what data you want to protect
(04:30:32 PM) kirkland: and what you are willing to pay the encryption performance penalty for
(04:30:50 PM) kirkland: another advantage is that LVM encryption requires a password just to boot the system
(04:30:59 PM) kirkland: this is a no-no for servers
(04:31:12 PM) kirkland: where the system might be in a data center 2000 miles away
(04:31:29 PM) kirkland: and it's expected to boot "unattended"
(04:31:42 PM) kirkland: with Encrypted Private, you enter the password when you login, or when you access that directory
(04:31:54 PM) kirkland: QUESTION: are there plans to extend encryption options to the entire /home? or does this have some disadvantages, eg performance?
(04:32:30 PM) kirkland: I intend to propose this again at the Ubuntu Developer Summit in December of 2008 for Jaunty
(04:32:38 PM) kirkland: this was, in fact, my original proposal
(04:32:49 PM) kirkland: but we scaled it back to just ~/Private for Intrepid
(04:33:01 PM) kirkland: which is just as well ... there were plenty of issues to solve for just that!
(04:33:42 PM) kirkland: i would like to eventually allow for each user to choose to encrypt their entire /home/USERNAME directory, with a key that's unique to them
(04:33:56 PM) kirkland: it would, of course, be an opt-in program ;-)
(04:34:05 PM) kirkland: this isn't desired by everyone, and i respect that
(04:34:15 PM) kirkland: i think it would remove some of the complexity, though
(04:34:24 PM) kirkland: i showed you the contents of my Private directory
(04:34:53 PM) kirkland: I have established symbolic links from those directories' natural locations to their storage in Private
(04:35:06 PM) kirkland: ln -s /home/kirkland/Private/.ssh /home/kirkland/.ssh
(04:35:16 PM) kirkland: this is slightly more complex than I'd like it to be
(04:36:06 PM) kirkland: there are a number of problems we're going to have to solve to do this
(04:36:25 PM) kirkland: and it will be up to the powers that be at UDS to determine if this is something we are interested in solving in Ubuntu
(04:36:27 PM) kirkland: QUESTION: actually mounting and unmounting the private directory is done on the command line, is there any plan to get a nautilus integration?
(04:36:50 PM) kirkland: yes, see my response earlier to the question about auto-mounting ....
(04:37:00 PM) kirkland: i created a desktop shortcut just yesterday
(04:37:08 PM) kirkland: that hasn't made it quite into Intrepid yet, but it's coming
(04:37:38 PM) kirkland: i also just created a similar desktop link yesterday for the ecryptfs-setup-private program
(04:37:50 PM) kirkland: i'm hoping we can get both of those updates out for Intrepid in the coming days
(04:38:06 PM) kirkland: i have high hopes for some better graphical utilities in time for Jaunty
(04:38:21 PM) kirkland: QUESTION: How about encrypting with a physical key, instead of a passphrase? I'm thinking something like a USB pen drive that allows you access to the data in ~/Private, for example.
(04:38:30 PM) kirkland: great question ....
(04:38:46 PM) kirkland: ecryptfs, itself has a *very* flexible key management framework
(04:39:07 PM) kirkland: it currently supports:
(04:39:12 PM) kirkland: 1) pkcs11-helper
(04:39:13 PM) kirkland: 2) openssl
(04:39:13 PM) kirkland: 3) passphrase
(04:39:13 PM) kirkland: 4) tspi
(04:39:32 PM) kirkland: the only one of which we're using for Encrypted Private is the passphrase
(04:39:55 PM) kirkland: i have another open bug asking about support for Thinkpad fingerprint readers
(04:40:19 PM) kirkland: that's a very reasonable request, and if I can ever put my hands on one for a few hours, I think I could probably hack it up :-)
(04:40:44 PM) kirkland: the USB pen drive one is actually easier than that
(04:41:05 PM) kirkland: cyphermox: i'd ask you to please file a bug against ecryptfs-utils
(04:41:25 PM) kirkland: though you could hack around it very easily ....
(04:41:51 PM) kirkland: cyphermox: move your ~/.ecryptfs directory to that USB key
(04:42:06 PM) kirkland: cyphermox: and setup a symlink
(04:42:20 PM) kirkland: cyphermox: i think that's about it ;-)
(04:42:35 PM) kirkland: cyphermox: or, just move ~/.ecryptfs/wrapped-passphrase
(04:43:09 PM) kirkland: i actually might play with that one a bit myself ;-) great idea!
(04:44:16 PM) kirkland: QUESTION: Can OpenGPG cards be used as keys too? Are they part of the PKCS11 support?
(04:44:43 PM) kirkland: tonytiger: good question ... i'm not familiar with OpenGPG cards. i'll need to do some research on that one
(04:44:54 PM) kirkland: for what it's worth ...
(04:45:20 PM) kirkland: tspi is support for the "Trusted Computing" chips found in most modern machines
(04:45:45 PM) kirkland: you can debate among yourselves all the horrible things that Trusted Computing can do with your systems
(04:45:48 PM) kirkland: :-)
(04:46:06 PM) kirkland: but support is there for storing your keys in the tspi itself
(04:46:12 PM) kirkland: i've not used it though
(04:46:59 PM) kirkland: but the pkcs11 support should support any of the public-key crypto tokens
(04:47:28 PM) kirkland: i doubt that i would personally push any of those other mechanisms into Ubuntu any time soon
(04:47:37 PM) kirkland: (tspi, pkcs11, openssl)
(04:47:46 PM) kirkland: but i'm certainly not opposed to patches! :-)
(04:48:10 PM) kirkland: fingerprint readers, and .ecryptfs on a usb stick are some low hanging fruit that I'll try to tackle in Jaunty
(04:48:23 PM) kirkland: QUESTION: If you encrypt all of your home directory (as the original idea), do you still need a password (login) and mount passphrase?
(04:48:44 PM) kirkland: yes. auto-login will almost certainly *not* work
(04:49:05 PM) kirkland: with respect to the 2 passphrases (login, and mount) ...
(04:49:24 PM) kirkland: i'll remind you that in normal Encrypted Private operation, *all* you really need is your login passphrase
(04:49:36 PM) kirkland: your mount passphrase is decrypted and used on the fly, under the covers
(04:50:00 PM) kirkland: the *only* time you should ever need to manually use your mount passphrase is when/if you have to manually recover your data elsewhere, later
(04:50:19 PM) kirkland: let's say you've kept good backups of your encrypted data in .Private offsite
(04:50:37 PM) kirkland: and you're at a friend's house, or a client site, or something
(04:50:58 PM) kirkland: and you need access to one of your files, let's say .Private/foobar
(04:51:35 PM) kirkland: assuming you have access to a Linux machine with at least a 2.6.19 kernel with ecryptfs support (ideally, more like 2.6.27 or later)
(04:51:38 PM) kirkland: you could:
(04:51:47 PM) kirkland: mkdir /tmp/1 /tmp/2
(04:51:56 PM) kirkland: cp .Private/foobar /tmp/1
(04:52:03 PM) kirkland: sudo mount -t ecryptfs /tmp/1 /tmp/2
(04:52:13 PM) kirkland: and then you'll get a series of interactive questions:
(04:52:19 PM) kirkland: Select key type to use for newly created files:
(04:52:20 PM) kirkland: 1) pkcs11-helper
(04:52:20 PM) kirkland: 2) openssl
(04:52:20 PM) kirkland: 3) passphrase
(04:52:20 PM) kirkland: 4) tspi
(04:52:22 PM) kirkland: Selection:
(04:52:38 PM) kirkland: (these answers will be for the default Intrepid Encrypted Private setup)
(04:52:44 PM) kirkland: -> 3) passphrase
(04:52:52 PM) kirkland: Passphrase:
(04:53:08 PM) kirkland: -> your_mount_passphrase_that_you_wrote_down_and_stored_somewhere_safe
(04:53:17 PM) kirkland: Select cipher:
(04:53:17 PM) kirkland: 1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
(04:53:17 PM) kirkland: 2) blowfish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
(04:53:17 PM) kirkland: 3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (not loaded)
(04:53:18 PM) kirkland: 4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
(04:53:18 PM) kirkland: 5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
(04:53:22 PM) kirkland: 6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded)
(04:53:24 PM) kirkland: Selection [aes]:
(04:53:26 PM) kirkland: -> aes
(04:53:44 PM) kirkland: (note that these are the other ciphers that ecryptfs supports)
(04:54:01 PM) kirkland: Select key bytes:
(04:54:01 PM) kirkland: 1) 16
(04:54:01 PM) kirkland: 2) 32
(04:54:01 PM) kirkland: 3) 24
(04:54:04 PM) kirkland: Selection [16]:
(04:54:05 PM) kirkland: -> 16
(04:54:17 PM) kirkland: (we might consider moving this up in Jaunty)
(04:54:23 PM) kirkland: Enable plaintext passthrough (y/n) [n]:
(04:54:30 PM) kirkland: -> n
(04:54:39 PM) kirkland: (I'll explain this if someone really wants to know)
(04:54:48 PM) kirkland: Attempting to mount with the following options:
(04:54:49 PM) kirkland: ecryptfs_key_bytes=16
(04:54:49 PM) kirkland: ecryptfs_cipher=aes
(04:54:49 PM) kirkland: ecryptfs_sig=c7fed37c0a341e19
(04:54:49 PM) kirkland: Mounted eCryptfs
(04:55:03 PM) kirkland: then, you can look at /tmp/2/foobar and your data is available in the clear
(04:55:13 PM) kirkland: sudo umount /tmp/2
(04:55:19 PM) kirkland: and it's protected again
(04:55:43 PM) kirkland: note that you could have done this with the entire directory hierarchy
(04:56:25 PM) kirkland: that's pretty much all i have on my mind at the moment :-)
(04:56:35 PM) kirkland: any other questions?
(04:56:39 PM) kirkland: maybe time for 1 more?
(04:57:23 PM) kirkland: well you've been a great audience :-) thanks for your time and attention!
(04:58:07 PM) kirkland: QUESTION: where do I find more info?
(04:58:19 PM) kirkland: let's see ...
(04:58:49 PM) kirkland: the design docs for Intrepid's Encrypted Private are: https://wiki.ubuntu.com/EncryptedPrivateDirectory
(04:59:04 PM) kirkland: the quickstart help guide is: http://help.ubuntu.com/community/EncryptedPrivateDirectory
(04:59:23 PM) kirkland: the upstream project page is https://launchpad.net/ecryptfs
(04:59:34 PM) kirkland: ubuntu bugs in ecryptfs are: https://bugs.edge.launchpad.net/ubuntu/+source/ecryptfs-utils
(04:59:49 PM) kirkland: the user's mailing list is: ecryptfs-users AT lists DOT launchpad DOT net
(05:00:11 PM) kirkland: join the launchpad team: https://edge.launchpad.net/~ecryptfs-users
(05:00:15 PM) kirkland: and get a little badge :-)
(05:01:00 PM) kirkland: if you're interested in development: https://edge.launchpad.net/~ecryptfs-devel
(05:01:30 PM) kirkland: okay, i think that's all from me
(05:02:26 PM) quintale: thanks a lot
}}}