DJRepresent

Hi,


How secure are my files in Linux? If lets say I want to keep certain documents hidden from others, is there a way to protect them better than what NTFS currently offers?

By saying NTFS I mean that in a Windows based machine, one could always unscrew the hard drive and load it onto another computer as a slave or via USB, take ownership, and download the files. I heard that on Linux you can password protect certain files / directories and if you forget your password, you've lost your data for good.

I'm wondering what I look up to find out more about this. I use Ubuntu myself.

Thanks

DJ

daark.child

Encryption is probably what you are looking for. You can encrypt some partitions, directories and files. I've never done this before so can't provide specific details, but maybe a google search may help.

i92guboj

The linux filesystems are more secure in the sense that they provide a proper file permissions system, unlike FAT. NTFS has some permissions scheme, and can use access control lists, but, sincerely, I never bothered with that, so I can't answer your question.

There's no need to waste that much effort. Just put a linux livecd on your drive. Since you will be logged a root, you can mount any drive and do whatever you want with it, as long as you have the needed driver to access the filesystem. In this regard, all the OSes are equally vulnerable. That is, unless the contents of the drive is encrypted.

If the volume is encrypted then you need the password to decrypt it. That, or to have the matrix on your side to crack it :P

If booting from cd is disabled, reset the BIOS by ripping out the battery and configure it to boot from CD. If there's no cd, then usb. If not, rip out the drive and use it in another box.

What I want to imply here is that, if there's physical access, and you are not limited by time constrains, you can do whatever you want. It doesn't matter how secure the OS is.

Neither of these affirmations is true *by definition*. Though there are some things to speak about here.

First, you can't protect a folder directly, nor a file. But you can use encryption to encrypt anything. You can do so on files with windows so. You just need to use the correct software.

However, the advantage in linux is that you can encrypt a filesystem. So, if you want to secure your home directory, you can just mount it into another partition or disk and encrypt that disk as a whole, making it transparent, so you don't have to use programs to pack/unpack, encrypt/decrypt stuff.

Second, if you value your info, you don't lose your password. Technically, you can crack almost anything if you have infinite machine power and infinite time. But we can assume than a strong encryption algorithm will mean lost data if you lose the password. Yes.

You should read on filesystem encryption.

A random google result related to ubuntu:
Filesystem Encryption [Archive] - Ubuntu Forums

Note, however, that this is all at cost of some performance penalty, since anything being read or written will need to be encrypted/decrypted, and that takes some cpu cycles and ram.

Gtrax

There are several ways you can easily get to use encryption with Linux. Think first how best you might use them. A good start is to try out TrueCrypt.
Here is a link for you TrueCrypt - Wikipedia, the free encyclopedia

I use PCLinuxOS, and I found the Synaptic package manager had a ready-made install that went in a a minute or so. For my needs, I encrypted an entire USB volume. You can, instead, make a volume that appears as a scrambled file, and you can include a Windows Truecrypt executable that allows you to stick it into nearly any PC, copy to it just like any normal drive, and carry the data away securely. The volume is mountable by both Linux and Windows PCs.
Truecrypt has the feature that at no stage does any unencrypted stuff ever visit a writeable storage medium. For me, it was a good way to start using encryption while learning, and to keep private financial stuff private while being able to carry it about, and not be concerned if it was lost/stolen/forgotten.

You can use any of several methods to encrypt a partition, making it appear as a normal drive until you dismount it. You can make an encrypted /home and swap partition, either during distro install or afterward. Debian installs offer it as an option from the beginning. It does not make sense to encrypt the Linux system and application files. They are public anyway, subject to frequent updates and changes, and would cause some unnecessary performance slowdown.

Then - there is using GPG to encrypt files you may wish to send to others, or to simply mail them to yourself in web-based email like Google's gmail as a means of securelyarchiving data you never want to lose.

Finally - use a firewall like GuardDog. Linux distros normally come with a default configured firewall. If you have a local network, you can arrange that all communication is scrambled, and exchanges only take place via strict authentication handshaking protocols. You can make a Linux system as tightly buttoned up as you desire. Google for information on hardened distros, and selinux. You can learn a lot by reading about how to set up a network and server, from articles available on this site.

i92guboj

Just a note: guarddog is not a firewall. It's a frontend. The firewall is iptables: the only firewall avaiable for linux, as far as I know.