Find the answer to your Linux question:
Results 1 to 10 of 10
Hi all I bought a 500GB Western Digital external harddrive today. I would like to create one huge ext3 partition on it and use it for file storage. However, I ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined! robz0rz's Avatar
    Join Date
    Apr 2007
    Location
    Germany
    Posts
    19

    Encrypting USB external harddrive


    Hi all

    I bought a 500GB Western Digital external harddrive today. I would like to create one huge ext3 partition on it and use it for file storage. However, I would like to use some sort of encryption (I don't want anyone else to be able to access the data I will be storing on it). I know absolutely nothing about encryption that could help me right now. These are some questions

    HOW do I encrypt my drive???
    Should I encrypt the partition before putting any data on it, or can a full encryption be enforced even after data has been stored (meaning all the data on it would get encrypted)
    What are my choices of encryption? What do I want?
    How much does encryption affect the drives performance?
    Could I have some sort of automatic way that would automaticly open the drive for access once I login (through a startup script for example) without severly decreasing the security (people finding out the key by stealing my laptop for example)?


    Thanks in advance

  2. #2
    Linux Guru
    Join Date
    Nov 2007
    Posts
    1,756
    HOW do I encrypt my drive???
    Depends on which encryption scheme you use.

    Should I encrypt the partition before putting any data on it, or can a full encryption be enforced even after data has been stored (meaning all the data on it would get encrypted)
    Depends on the encryption scheme, but for most Linux options, you create an encrypted container (hard drive, partition, file) first, and then put data in it.

    What are my choices of encryption? What do I want?
    You have to decide what you want. Not all encryption options are created equal. Some use bad choices/assumptions that lead to easily cracked data. Linux Magazine Issue 72 had a good article on encryption options - article "Encrypted Filesystems." My own preference is the LUKS-enabled cryptsetup command.

    How much does encryption affect the drives performance?
    This depends on the hardware.

    Could I have some sort of automatic way that would automaticly open the drive for access once I login (through a startup script for example) without severly decreasing the security (people finding out the key by stealing my laptop for example)?
    Yes, up to a point. You can use a script that runs the commands to mount the partition, but of course it requires the manual input of the passphrase. Storing the passphrase anywhere on the system (or anywhere else) would defeat the purpose.

  3. #3
    Linux Newbie Ziplock's Avatar
    Join Date
    Jan 2009
    Location
    Adelaide
    Posts
    169
    LUKS is a great way of doing it. A google search will find plenty of howtos. The best part is that it can be used between Linux and Windows.

  4. #4
    Just Joined! robz0rz's Avatar
    Join Date
    Apr 2007
    Location
    Germany
    Posts
    19
    I decided to go with LUKS. I've managed to encrypt my external harddrive, and when I connect it, Gnome automatically prompts me for the passphrase. This is all wonderful, except that for some reason, when the drive gets mounted, I don't have writing privileges to it being a normal user...

    Should I make a special entry for this drive in /etc/fstab or in /etc/crypttab so that I can access the drive as a user? If so, what would that be?

    I don't understand why I'm not allowed to write to it... Any normal usb-stick (Fat32) is mounted as read-write, so why would a external harddrive (ext3+luks) be different?

  5. #5
    Linux User vickey_20's Avatar
    Join Date
    Mar 2009
    Location
    Mumbai, India
    Posts
    493
    are you using a superuser account or a under privileged account?

  6. #6
    Just Joined! robz0rz's Avatar
    Join Date
    Apr 2007
    Location
    Germany
    Posts
    19
    I'm using an ordinary user account (not superuser). I'm using Arch Linux with Gnome, and when I plugin my drive, it prompts me for the passphrase and it mounts as '/media/WDMyBook'.

    However, I don't have any writing rights to this drive (I guess I have read rights, but seeing the drive is empty I can never be sure. There is a lost+found folder though)

    The drive is formated as ext3.

    Here is a screenshot of the volume#s properties in gnome with some more information:

  7. #7
    Linux Newbie Ziplock's Avatar
    Join Date
    Jan 2009
    Location
    Adelaide
    Posts
    169
    Once the device is mounted, you need to do:

    Code:
    chmod 775 /media/WDMyBook
    to set the permissions properly for writing.

  8. #8
    Linux User vickey_20's Avatar
    Join Date
    Mar 2009
    Location
    Mumbai, India
    Posts
    493
    you can change the permission or simply use a superuser account as it has all the permissions.

  9. #9
    Linux Newbie Ziplock's Avatar
    Join Date
    Jan 2009
    Location
    Adelaide
    Posts
    169
    Quote Originally Posted by vickey_20 View Post
    you can change the permission or simply use a superuser account as it has all the permissions.
    Yes, you can log in as root and do it, but much better to set up the permissions so that it is run as the normal user. Below is a link to the reasons why:

    EXPLAIN: Why Not Log On As Root? : New Linux User -

  10. #10
    Just Joined! robz0rz's Avatar
    Join Date
    Apr 2007
    Location
    Germany
    Posts
    19
    In fact, the correct permisions were 777. Now it works The owner of the drive is set as root and the group is also root. So I had to give "others" read/write/exec permissions aswell.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •