Mounted LUKS file turns into plaintext directory

Multi tool use
Multi tool useThe name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP


Mounted LUKS file turns into plaintext directory



I followed the CentOS instructions to create a Linux Encrypted Filesystem with dm-crypt.



This results in what appears to be an encrypted file mounted as a file system, when I checked losetup -l, mount -l and cryptsetup status secretfs, everything looked as would be expected.


losetup -l


mount -l


cryptsetup status secretfs



After restarting the computer, and without issuing any commands to losetup, cryptsetup and mount, the mounted (before restart) encrypted file (secretfs mounted at /mnt/secretfs) has turned into a normal plaintext folder, all files that existed in the mounted encrypted file, are readable at /mnt/secretfs without having to open the encrypted file and mount it.


losetup


cryptsetup


mount


secretfs


/mnt/secretfs


/mnt/secretfs



This was unexpected and appears to make mounting an encrypted file insecure, I would appreciate any guidance to ensure that mounting an encrypted file always requries the passphrase to view it's contents and those contents are not copied to an unencrypted location.



Script


#!/bin/bash

set -e

# encrypted disk
dd of=secretfs bs=20G count=0 seek=8
chmod 600 secretfs
losetup /dev/loop0 secretfs
cryptsetup -y luksFormat /dev/loop0
cryptsetup luksOpen /dev/loop0 secretfs
cryptsetup status secretfs
mke2fs -j -O dir_index /dev/mapper/secretfs
tune2fs -l /dev/mapper/secretfs
mkdir /mnt/secretfs
mount /dev/mapper/secretfs /mnt/secretfs









By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.

437WD5 lpd464YFTYr NADsXGQOhcaHO1Smo82211N VY1502UIbAQ2bOz9jKSsw1,FHdp 6U1V GHEavL8IIOpgy,l
-
Hsa 1AH6,ZAlAg

Popular posts from this blog

Keycloak server returning user_not_found error when user is already imported with LDAP

Keycloak server returning user_not_found error when user is already imported with LDAP I am currently running a keycloak server as a service in a kubernetes cluster. I can access it perfectly with the initial keycloak admin account and used it to setup a new realm using LDAP for User Federation. The connection and queries seem to work fine as a I can search for Users and they pop up with their correct username, first name, last name and e-mail so all seemed fine. When I then log out and try to log in with a normal user account that exists in the AD and has been imported I just find get the following error: WARN [org.keycloak.events] (default task-8) type=LOGIN_ERROR, realmId=master, clientId=security-admin-console, userId=null, ipAddress=<my ip>, error=user_not_found, auth_method=openid-connect, auth_type=code, redirect_uri=http://myserver.com/auth/admin/master/console/#/realms/MyRealm, code_id=a8ca7f06-dfec-4e6e-8f6b-74eb871f71da, username=myUser So it seems that in some way wh...
Read more

PHP parse/syntax errors; and how to solve them?

Image
PHP parse/syntax errors; and how to solve them? Everyone runs into syntax errors. Even experienced programmers make typos. For newcomers it's just part of the learning process. However, it's often easy to interpret error messages such as: PHP Parse error: syntax error, unexpected '{' in index.php on line 20 The unexpected symbol isn't always the real culprit. But the line number gives a rough idea where to start looking. Always look at the code context . The syntax mistake often hides in the mentioned or in previous code lines . Compare your code against syntax examples from the manual. While not every case matches the other. Yet there are some general steps to solve syntax mistakes . This references summarized the common pitfalls: Unexpected T_STRING Unexpected T_VARIABLE Unexpected '$varname' (T_VARIABLE) Unexpected T_CONSTANT_ENCAPSED_STRING Unexpected T_ENCAPSED_AND_WHITESPACE Unexpected $end Unexpected T_FUNCTION… Unexpected { { Unexpected } } Unexpe...
Read more

Using generate_series in ecto and passing a value

Using generate_series in ecto and passing a value I am trying to use generate_series in this query to get the number of sales in a time period even with the days that have no sales. I got it working with a hard-coded value but now I need to get all the sales since the contract was created. What I have so far: query = from( c in Contract, join: v in Voucher, on: v.contract_id == c.id, join: s in Sale, on: s.voucher_id == v.id and c.id == ^contract_id, right_join: day in fragment( "select generate_series(current_date - interval '60 day', current_date, '1 day')::date AS d" ), on: day.d == fragment("date(?)", s.date), group_by: day.d, select: %{ number_sales: count(s.id), total_value: sum(s.value), date: day.d }, order_by: [asc: day.d] ) Repo.all(query) |> Enum.map(fn entry -> Map.put(entry, :date, Date.from_erl!(entry.date)) end) With this query I get all the s...
Read more