AskUbuntu<p>dual boot entry not visible for ubuntu 24.04 with full disk encryption & Windows 11 with bitlocker, uefi, and secureboot <a href="https://ubuntu.social/tags/dualboot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dualboot</span></a> <a href="https://ubuntu.social/tags/uefi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>uefi</span></a> <a href="https://ubuntu.social/tags/luks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>luks</span></a> <a href="https://ubuntu.social/tags/secureboot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>secureboot</span></a> <a href="https://ubuntu.social/tags/bitlocker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bitlocker</span></a></p><p><a href="https://askubuntu.com/q/1552530/612" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">askubuntu.com/q/1552530/612</span><span class="invisible"></span></a></p>
101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl czyli najstarszy polski serwer Mastodon. Posiadamy wpisy do 2048 znaków.
Administered by:
Server stats:
481active users
101010.pl: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.5.0-alpha.1
#luks
0 posts · 0 participants · 0 posts today
Sam Bent<p>LUKS detached headers defeat forensics. <br>Store header on separate USB. <br>Map with --header /dev/sdb1. <br>Body looks like random data. <br><a href="https://mastodon.social/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LUKS</span></a> <a href="https://mastodon.social/tags/Forensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Forensics</span></a> <a href="https://mastodon.social/tags/Headers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Headers</span></a> <a href="https://mastodon.social/tags/Plausible" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Plausible</span></a></p>
AskUbuntu<p>How can I encrypt an existing Ubuntu installation (root partition) using LUKS2 and TPM, without using a live USB? <a href="https://ubuntu.social/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> <a href="https://ubuntu.social/tags/luks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>luks</span></a></p><p><a href="https://askubuntu.com/q/1551494/612" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">askubuntu.com/q/1551494/612</span><span class="invisible"></span></a></p>
Blue Ghost<p>Consider encrypting storage devices with LUKS.</p><p>Applications such as GNOME Disks support formatting and encrypting devices with LUKS.</p><p>LUKS: <a href="https://wikipedia.org/wiki/Linux_Unified_Key_Setup" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">wikipedia.org/wiki/Linux_Unifi</span><span class="invisible">ed_Key_Setup</span></a></p><p>Devices such as USB flash drives can be lost or stolen.</p><p>Example: <a href="https://www.cbc.ca/news/politics/rcmp-lost-usb-key-privacy-commissioner-1.7554332" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cbc.ca/news/politics/rcmp-lost</span><span class="invisible">-usb-key-privacy-commissioner-1.7554332</span></a></p><p>GNOME DISKS INSTRUCTIONS<br>Select Disks > Device > Volumes (additional partition options) > Format Partition > Format Volume (Ext4 + LUKS) > Next > Set Password > Next > Format.</p><p><a href="https://mastodon.online/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LUKS</span></a> <a href="https://mastodon.online/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://mastodon.online/tags/Encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Encryption</span></a> <a href="https://mastodon.online/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.online/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://mastodon.online/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://mastodon.online/tags/GNOME" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GNOME</span></a></p>
Rafael Kassner<p>Saving for later: Unlock LUKS volume with a YubiKey</p><p><a href="https://www.guyrutenberg.com/2022/02/17/unlock-luks-volume-with-a-yubikey/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">guyrutenberg.com/2022/02/17/un</span><span class="invisible">lock-luks-volume-with-a-yubikey/</span></a></p><p>Use the dracut config from Wouter in the comments. If you set no PIN on the YubiKey, you can boot without a keyboard. You can use the same YubiKey for multiple machines.</p><p><a href="https://phpc.social/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://phpc.social/tags/luks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>luks</span></a> <a href="https://phpc.social/tags/fido2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fido2</span></a></p>
Linux Renaissance<p><strong>Encrypt Silverblue Fedora With TPM-Powered LUKS</strong></p>
<p><a href="https://video.fosshq.org/w/78xgWEY8TcaFLMBNr1DZuf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">video.fosshq.org/w/78xgWEY8Tca</span><span class="invisible">FLMBNr1DZuf</span></a></p>
📡 RightToPrivacy & Tech Tips<p>BusKill Tutorial: Self Destructing Laptop Storage</p><p><a href="https://fosstodon.org/tags/buskill" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>buskill</span></a> <a href="https://fosstodon.org/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> <a href="https://fosstodon.org/tags/crypto" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>crypto</span></a> <a href="https://fosstodon.org/tags/storage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>storage</span></a> <a href="https://fosstodon.org/tags/forensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>forensics</span></a> <a href="https://fosstodon.org/tags/antiforensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>antiforensics</span></a> <a href="https://fosstodon.org/tags/HDD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HDD</span></a> <a href="https://fosstodon.org/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://fosstodon.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://fosstodon.org/tags/datarecovery" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>datarecovery</span></a> <a href="https://fosstodon.org/tags/luks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>luks</span></a> <a href="https://fosstodon.org/tags/encrypted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encrypted</span></a> <a href="https://fosstodon.org/tags/harddrive" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>harddrive</span></a> <a href="https://fosstodon.org/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://fosstodon.org/tags/educational" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>educational</span></a></p><p>Watch On <a href="https://fosstodon.org/tags/Peertube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Peertube</span></a>:</p><p><a href="https://tube.tchncs.de/w/q8X2JyxYH26tqYi2VisTHb" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tube.tchncs.de/w/q8X2JyxYH26tq</span><span class="invisible">Yi2VisTHb</span></a></p>
Christian Pietsch<p><span class="h-card" translate="no"><a href="https://framapiaf.org/@marczz" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>marczz</span></a></span></p><p><strong>Why you should use full-disk encryption</strong></p><p>If any of the arguments I make below apply to you, you should use full-disk encryption. I am pretty sure the first argument applies to everyone. The second argument applies at least to everyone in the EU and the US state of California. The third argument applies to everyone again.</p><p><strong>You will fail to delete drives properly</strong></p><p>Storage media get lost. Most people do not know how to properly delete hard disk content before selling them, or they forget it. In the case of flash drives, or SSDs, standard tools like <code>shred</code> don't work. <code>hdparm</code> may do the trick, but this is not well known. If you are lucky, the manufacturer of you SSH provides a Windows app that lets you delete it securely. Your server does not run on Windows of course.</p><p><strong>The law demands it</strong></p><p><a href="https://fedifreu.de/tags/GDPR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GDPR</span></a> and similar data protection and privacy laws require you to store no <a href="https://fedifreu.de/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> (personal data) permanently. You have to anonymize PII or delete it after a few weeks. IP addresses are PII. All servers store IP addresses by default. The GDPR also demands that you use state-of-the-art technology to protect sensitive data. Full disk encryption is the state of the art.</p><p><strong>Law enforcement makes "mistakes"</strong></p><p>I'm a board member of <span class="h-card" translate="no"><a href="https://fedifreu.de/@Artikel5eV" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Artikel5eV</span></a></span>, an organisation that runs relays on the Tor network, including exit relays. Running Tor relays is perfectly legal in Germany. Nevertheless, law enforcement agencies have raided the homes of Artikel 5 e.V. board members twice. Illegally so, as a court confirmed recently. I won't run Tor relays in my home, but there is a good chance that my home will be raided one day unless all police officers and prosecutors decide to obey the law.</p><p>There is also a possibility that the rule of law might collapse in your country sooner or later. We are just witnessing it in the USA.</p><p>You already mentioned that ordinary thieves can also be a problem.</p><p><strong>Encryption is available for free</strong></p><p>So what is your case against disk encryption? It is obvious that it alone does not solve all IT security issues, but it is an important building block. <a href="https://fedifreu.de/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LUKS</span></a> is reliable free and open-source software for HD encryption. If you are not using Linux, check out <a href="https://fedifreu.de/tags/VeraCrypt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VeraCrypt</span></a>. The Raspberry Pi 5 comes with hardware acceleration for AES, so there no longer is a noticeable performance penalty for encryption.</p><p><a href="https://fedifreu.de/tags/storageEncryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>storageEncryption</span></a> <a href="https://fedifreu.de/tags/hardDiskEncryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hardDiskEncryption</span></a> <a href="https://fedifreu.de/tags/encryptAllTheThings" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryptAllTheThings</span></a></p>
marczz<p><span class="h-card" translate="no"><a href="https://fedifreu.de/@chpietsch" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>chpietsch</span></a></span> I was wondering if enabling <a href="https://framapiaf.org/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LUKS</span></a> on a running server has really a benefit. Of course if thieves enter your place, unplug the server and take it the disk is protected. But this scenario is not so usual. Most often the attacker get access to your live server. Once the server is booted and the disk is unlocked, all data on the encrypted volume is accessible to anyone with access to the system. This makes encryption ineffective against attackers who compromise a running server.</p>
Christian Pietsch<p>Lately I've been doing more <a href="https://fedifreu.de/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a> again due to the current situation. Of course, I'm paying particular attention to power consumption and noise. After good experiences with the <a href="https://fedifreu.de/tags/ARM64" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ARM64</span></a> architecture, even with power-hungry applications such as [Mastodon](<a href="https://fedifreu.de/about" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">fedifreu.de/about</span><span class="invisible"></span></a>), I'm now using the smartphone technology for my homeservers, too.</p><p>There are <a href="https://fedifreu.de/tags/SBCs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SBCs</span></a> with more open hardware, but the <a href="https://fedifreu.de/tags/RaspberryPi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RaspberryPi</span></a> is widely available, well documented, powerful and inexpensive. And it is available with up to 16 GB of RAM.</p><p>Anyone operating a server on the Internet must install <a href="https://fedifreu.de/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> updates quickly. However, many people forget to restart running software so that the new version runs instead of the old one. The <a href="https://fedifreu.de/tags/needrestart" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>needrestart</span></a> tool helps with this on Debian-based Linux systems, which unfortunately is usually not pre-installed.</p><p>On my Raspberry Pi 4, `needrestart` always runs correctly (automatically after `apt upgrade`). On my Raspberry Pi 5, however, I first had to create a configuration file as described by the main developer here:<br><a href="https://github.com/liske/needrestart/blob/master/README.raspberry.md" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/liske/needrestart/b</span><span class="invisible">lob/master/README.raspberry.md</span></a><br>Previously, the tool *always* claimed that a reboot was necessary because it thought an outdated Linux kernel was running.</p><p>Next, I want to activate <a href="https://fedifreu.de/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LUKS</span></a> hard drive encryption on both raspis. Unfortunately, this is not as easy under <a href="https://fedifreu.de/tags/Raspbian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Raspbian</span></a> or <a href="https://fedifreu.de/tags/RaspberryPiOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RaspberryPiOS</span></a> as on other Debian systems. If you have managed this: Please let me know how you did it!</p><p><a href="https://fedifreu.de/tags/rpi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rpi</span></a> <a href="https://fedifreu.de/tags/rpi5" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rpi5</span></a> <a href="https://fedifreu.de/tags/raspi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>raspi</span></a> <a href="https://fedifreu.de/tags/raspberrypi5" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>raspberrypi5</span></a> <a href="https://fedifreu.de/tags/homeserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homeserver</span></a> <a href="https://fedifreu.de/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a></p>
Khurram Wadee ✅<p>My experience with <a href="https://mastodon.org.uk/tags/FlashDrives" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FlashDrives</span></a> recently has been mixed. I have no problem in encrypting them with <a href="https://mastodon.org.uk/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LUKS</span></a>, using <a href="https://mastodon.org.uk/tags/cryptsetup" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cryptsetup</span></a> or with formatting a partition with <a href="https://mastodon.org.uk/tags/Btrfs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Btrfs</span></a>, for instance, using <a href="https://mastodon.org.uk/tags/gparted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gparted</span></a> and doing other tinkering with <a href="https://mastodon.org.uk/tags/Gnome" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Gnome</span></a> <a href="https://mastodon.org.uk/tags/disks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>disks</span></a>. But the problem has been with the actual drives themselves. The cheaper ones seem to have quite a few bad sectors, etc. and so they’re not really reliable for medium term storage.</p><p>1/2</p><p><a href="https://mastodon.org.uk/tags/Hardware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hardware</span></a> <a href="https://mastodon.org.uk/tags/StorageDevices" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StorageDevices</span></a> <a href="https://mastodon.org.uk/tags/Unix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Unix</span></a> <a href="https://mastodon.org.uk/tags/GNU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GNU</span></a> <a href="https://mastodon.org.uk/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://mastodon.org.uk/tags/Fedora" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fedora</span></a></p>
boredsquirrel<p><span class="h-card" translate="no"><a href="https://norden.social/@jze" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>jze</span></a></span> </p><p>Cool! Erzähl mal, wie sieht das System aus? Welche Distro, was für Sicherheitsanpassungen, Software?</p><p>Gibt es <a href="https://tux.social/tags/RemoteManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RemoteManagement</span></a>, <a href="https://tux.social/tags/Ansible" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ansible</span></a> etc?</p><p>Wie sehen nutzeraccounts aus? Separater adminuser?</p><p>Wie kommt da Software rauf, aus welchen Quellen? Wie abgesichert?</p><p><a href="https://tux.social/tags/Antivirus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Antivirus</span></a>? Andere Sicherheitssoftware?</p><p><a href="https://tux.social/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LUKS</span></a>? Was für Vorgaben?</p><p>Finde das Thema super interessant und beschäftige mich viel mit Wartung, und wie es besser und sicherer sein könnte.</p><p><a href="https://tux.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://tux.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> <a href="https://tux.social/tags/DigitaleSouver%C3%A4nit%C3%A4t" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitaleSouveränität</span></a></p>
Khurram Wadee ✅<p>I managed to create an <a href="https://mastodon.org.uk/tags/encrypted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encrypted</span></a> <a href="https://mastodon.org.uk/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://mastodon.org.uk/tags/Filesystem" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Filesystem</span></a> on a <a href="https://mastodon.org.uk/tags/USBStick" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USBStick</span></a>. The reason I wanted this is that I want to back up some directories, which contain secure information and also <a href="https://mastodon.org.uk/tags/NTFS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NTFS</span></a>, the one that comes on most drives, doesn’t know how to handle <a href="https://mastodon.org.uk/tags/SymbolicLinks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SymbolicLinks</span></a> properly. I don’t need or want to share the stick with any non-Linux machines.</p><p><a href="https://mastodon.org.uk/tags/GNU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GNU</span></a> <a href="https://mastodon.org.uk/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FreeSoftware</span></a> <a href="https://mastodon.org.uk/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LUKS</span></a></p>
Мяу Машина<p>TPM и Secure boot это полурак полухуй на десктопах</p><p>TPM более менее надёжно может защищать с PIN, но и тут есть проблемы, хер разбери у тебя на плате китайский камущек сделанный джунхуем за три копейки без защиты от tampering или что то реально рабочее, шифровуются ли линии - непонятно, куча нюансов, Проще тупо включить argon в luks и быть уверенным что так оно за себя постоит.</p><p>А Secure Boot, в каких случаях он хоть что то полезное делает вообще? Ядро повреждено вирусней и так вы в безопасности? Так тогда это уже пиздец и с компа уже все унесли.</p><p>Хрень это все вообщем, microsoft как обычно шизы<br><a href="https://silverbay.space/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://silverbay.space/tags/tpm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tpm</span></a> <a href="https://silverbay.space/tags/secure_boot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>secure_boot</span></a> <a href="https://silverbay.space/tags/opsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opsec</span></a> <a href="https://silverbay.space/tags/luks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>luks</span></a></p>
arutazIt would be great if Cryptomator some day becomes Wayland native.<br><br>Currently it only supports Xorg and that hasn't got the security I need.<br><br>So for now I will continue to create LUKS vaults and upload them to the cloud.<br>One downside is that I have to decide the size of the vault beforehand.<br>Another downside is that I can only open the vault on Linux.<br><br>But I'm pretty confident in the security it provides.<br><br><a class="hashtag" href="https://fedi.arutaz.se/tag/cryptomator" rel="nofollow noopener" target="_blank">#Cryptomator</a> <a class="hashtag" href="https://fedi.arutaz.se/tag/luks" rel="nofollow noopener" target="_blank">#LUKS</a> <a class="hashtag" href="https://fedi.arutaz.se/tag/linux" rel="nofollow noopener" target="_blank">#Linux</a> <a class="hashtag" href="https://fedi.arutaz.se/tag/security" rel="nofollow noopener" target="_blank">#Security</a> <a class="hashtag" href="https://fedi.arutaz.se/tag/encryption" rel="nofollow noopener" target="_blank">#Encryption</a> <a class="hashtag" href="https://fedi.arutaz.se/tag/cloudstorage" rel="nofollow noopener" target="_blank">#CloudStorage</a>. <a class="hashtag" href="https://fedi.arutaz.se/tag/vault" rel="nofollow noopener" target="_blank">#Vault</a> <a class="hashtag" href="https://fedi.arutaz.se/tag/wayland" rel="nofollow noopener" target="_blank">#Wayland</a> <a class="hashtag" href="https://fedi.arutaz.se/tag/xorg" rel="nofollow noopener" target="_blank">#Xorg</a>
Anoncheg<p><a href="https://techhub.social/tags/dailyreport" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dailyreport</span></a> <a href="https://techhub.social/tags/gentoo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gentoo</span></a> <a href="https://techhub.social/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://techhub.social/tags/administration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>administration</span></a> <a href="https://techhub.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a><br><a href="https://techhub.social/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> <a href="https://techhub.social/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://techhub.social/tags/luks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>luks</span></a> <a href="https://techhub.social/tags/dracut" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dracut</span></a><br>I began to install Gentoo GNU/Linux on my new Laptop.</p><p>I use USB stick with encrypted password and boot<br> partition that unlock main SSD partition and boot. I use<br> BTRFS filesystem with submodules on LUKS2 encrypted<br> partition with deattached header. Partition looks like<br> not formatted, totally hidden.</p><p>Here is the first steps that you should do before<br> configuring Linux kernel for custom build:<br>- install usbutils pciutils<br>- lspci -k > lspci_installcd<br>- lsusb > lsusb_installcd<br>- lsmod > lsmod_installcd<br>- dmesg > dmesg_installcd<br>- cp /proc/config.gz livecd-config.gz<br>- zgrep CONFIG_ livecd-config.gz<br>- lscpu</p><p>My principles:<br>- Don't connect machines to each other, first steps<br> should be most careful.<br>- Don't put hard disk with different OS at the same time<br> in a single machine.<br>- Main password should not be visible and located at<br> working machine.</p>
:puppybasketball: :v03:<p><a href="https://mas.to/tags/Cifrar" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cifrar</span></a> archivos, como última opción: consejos para no perder <a href="https://mas.to/tags/informaci%C3%B3n" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>información</span></a> valiosa</p><p><a href="https://gatooscuro.xyz/cifrar-archivos-como-ultima-opcion-consejos-para-no-perder-informacion-valiosa/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gatooscuro.xyz/cifrar-archivos</span><span class="invisible">-como-ultima-opcion-consejos-para-no-perder-informacion-valiosa/</span></a></p><p><a href="https://mas.to/tags/Cifrado" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cifrado</span></a> <a href="https://mas.to/tags/Seguridad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Seguridad</span></a> <a href="https://mas.to/tags/Ciberseguridad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ciberseguridad</span></a> <a href="https://mas.to/tags/SeguridadInform%C3%A1tica" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SeguridadInformática</span></a> <a href="https://mas.to/tags/Privacidad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacidad</span></a> <a href="https://mas.to/tags/PrivacidadInform%C3%A1tica" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PrivacidadInformática</span></a> <a href="https://mas.to/tags/GNU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GNU</span></a> <a href="https://mas.to/tags/GNULinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GNULinux</span></a> <a href="https://mas.to/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://mas.to/tags/Negaci%C3%B3nPausible" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NegaciónPausible</span></a> <a href="https://mas.to/tags/TrueCrypt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TrueCrypt</span></a> <a href="https://mas.to/tags/VeraCrypt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VeraCrypt</span></a> <a href="https://mas.to/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LUKS</span></a> <a href="https://mas.to/tags/Backup" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backup</span></a> <a href="https://mas.to/tags/Backups" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backups</span></a> <a href="https://mas.to/tags/Resguardo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Resguardo</span></a> <a href="https://mas.to/tags/Resguardos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Resguardos</span></a> <a href="https://mas.to/tags/CopiaDeSeguridad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CopiaDeSeguridad</span></a> <a href="https://mas.to/tags/CopiasDeSeguridad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CopiasDeSeguridad</span></a> <a href="https://mas.to/tags/Kubuntu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kubuntu</span></a> <a href="https://mas.to/tags/CryFS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CryFS</span></a></p>
kiwi46678<p>I just installed Arch manually, but now it fails to boot. It only asks to unlock nvme1n1p1, but not the root, leading to a "failed to find root" error.</p><p>fstab seems correct. I suspect the issue is in crypttab.<br>Does anyone know a good blog post or guide to set it up correctly? I feel like I’m close to solving this.</p><p><a href="https://social.tchncs.de/tags/ArchLinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ArchLinux</span></a> <a href="https://social.tchncs.de/tags/Btrfs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Btrfs</span></a> <a href="https://social.tchncs.de/tags/LVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LVM</span></a> <a href="https://social.tchncs.de/tags/LUKS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LUKS</span></a> <a href="https://social.tchncs.de/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a></p><p>1/2</p>
Milan<p>jetzt meldet sich noch ein anderer bekannter der <a href="https://social.tchncs.de/tags/solus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>solus</span></a> updates gefahren hat und jetzt beim boot sein <a href="https://social.tchncs.de/tags/luks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>luks</span></a> nicht mehr entschlüsseln kann wtf.</p>
Liane M. Dubowy<p>Mein Backup der wichtigsten Sachen habe ich immer dabei – auf einem USB-Stick am Schlüsselbund. Der ist natürlich verschlüsselt, damit im schlimmsten Fall die Daten nicht in falsche Hände geraten. Hier mal ein sehr einfacher Weg, einen Stick oder eine externe SSD/Festplatte unter <a href="https://social.tchncs.de/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> zu verschlüsseln:</p><p><a href="https://youtu.be/bsKOfxbVnjo" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/bsKOfxbVnjo</span><span class="invisible"></span></a></p><p><a href="https://social.tchncs.de/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://social.tchncs.de/tags/dm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dm</span></a>-crypt <a href="https://social.tchncs.de/tags/luks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>luks</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload