Installing Debian on encrypted block devices (partman-crypto)
This page describes the development of DebianInstaller support for encrypted block devices. The aim is to allow users to set up loop-AES, dm-crypt or LUKS encrypted partitions for the system and data parts during the installation of a Debian system. partman-crypto is intended to use secure defaults for users with little or no experience in encryption, while allowing experienced users to change settings as they require.
Status
The upload of partman-crypto is waiting for loop-AES or LUKS support to work reliably with only packages in the Debian archive. loop-AES support still has some show-stopper bugs. Support for dm-crypt and LUKS is in progress but not complete. See also: partman-crypto [http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto/TODO?op=file TODO] and [http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto/BUGS?op=file BUGS]
First stage
|| partman-crypto || general || needs upload ||
|| cdebconf-entropy || key generation || in unstable ||
|| gnupg-udeb || loop-AES keyfiles || in unstable ||
|| loop-aes-$KVERS-di || loop-AES kernel support || in unstable (working out build problems on some archs) ||
|| cryptsetup-udeb || add cryptsetup udeb || not fixed ([http://bugs.debian.org/358422 #358422]) ||
|| libpopt0-udeb || add libpopt0 udeb || not fixed ([http://bugs.debian.org/358671 #358671]) ||
|| libgpg-error0-udeb || add libgpg-error0 udeb || not fixed ([http://bugs.debian.org/358672 #358672]) ||
|| libgcrypt11-udeb || add libgcrypt11 udeb || not fixed ([http://bugs.debian.org/358675 #358675]) ||
|| crypto-modules-$KVERS-di || kernel crypto modules || in unstable ||
Second stage
|| loop-aes-$KVERS || loop-AES kernel support || in unstable ||
|| cryptsetup || support for cryptroot || not fixed ([http://bugs.debian.org/358452 #358452]) ||
|| initramfs-tools || support for cryptroot || not fixed ([http://bugs.debian.org/348147 #348147]) ||
TODO before beta
- Have all required packages in the Debian archive
- Find good sources of entropy for key creation
- Audit
See also [http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto/TODO?op=file TODO] and [http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto/BUGS?op=file BUGS]
Plans for the future
- Keyfiles on removable media
- Existing (pre-generated) keyfiles
- Encrypted root partition
See also [http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto/TODO?op=file TODO]
Resources
IMPORTANT: partman-crypto is still pre-beta and has not been audited for weak keys, leaking of key data or other implementation flaws. Please don't use it for production before the beta release.
[http://nusquama.org/~max/d-i/crypto/ Daily builds] (not ready for use)
[http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto SVN repository]
[http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto/README?op=file Documentation for hackers]
[http://svn.debian.org/wsvn/d-i/trunk/packages/partman/partman-crypto/TODO?op=file TODO]
Contributing
People working on partman-crypto currently include
Max Vozeler <max@nusquama.org>
David Härdeman <david@2gen.com>
If you would like to contribute, send feedback, suggestions or criticism, get in touch with us on the Debian Boot mailing list <debian-boot@lists.debian.org>
Building a partman-crypto enabled iso image
The following steps are currently necessary to build a partman-crypto enabled d-i image (for development purposes only):
$ mkdir crypto-d-i
$ cd crypto-d-i
$ svn co svn://svn.debian.org/d-i/trunk d-i
$ cd d-i/installer/
$ dpkg-checkbuilddeps || echo "Some build-dep packages missing, please install (see list above)"
$ cd build
$ cat > pkg-lists/local <<EOF
partman-crypto
cdebconf-newt-entropy
loop-aes-\${kernel:Version} [2.6]
crypto-modules-\${kernel:Version} [2.6]
mount-aes-udeb
gnupg-udeb
cryptsetup-udeb
EOF
$ cd ../../packages/partman/partman-crypto/
$ dpkg-buildpackage -I.svn -us -uc -rfakeroot
$ cp ../partman-crypto*.udeb ../../../installer/build/localudebs/
$ cd ../../../installer/build/localudebs/
$ wget http://people.debian.org/~mejo/cryptsetup/cryptsetup-udeb_1.0.2+1.0.3-rc3-2_i386.udeb
$ cd ..
$ fakeroot make build_netboot
$ ls -al dest/netboot/mini.iso
Key generation in d-i
Encryption keys for loop-AES are created from /dev/random. It is important that we have a good source of entropy to allow us to extract the required amount of key data from /dev/random (each loop-AES v3 key requires 2925 bytes of random data). Currently the low amount of entropy in the kernel pool causes the key generation to block for a long time.
There are some ideas for how to solve this:
- Don't create keys from inside d-i; ask users to create them on another system and provide them to partman-crypto on a removable device.
- Ask the user to type randomly on the keyboard. This is done by cdebconf-entropy. It turned out that typing alone requires too many key presses to be user-friendly. The plugin is still used to show a progress bar during key creation.
- Use a hardware RNG if available. One problem with doing this is that not many systems actually have a usable hardware RNG and that detecting them is very difficult. There is also the issue of bad HWRNGs that produce low-quality output. Packages like rng-tools implement FIPS-140-2 tests before feeding the kernel pool to protect against this.
- Use non-RNG hardware devices that may produce random output. Examples of this are audio and video devices which can be sourced using audio-entropyd or video-entropyd. Here the problem of low-quality randomness exists as well.
The current idea is to check whether rngd (package rng-tools) could be extended to read from one or more FIFOs and character devices, run the FIPS tests and feed the kernel entropy pool. If this is feasible, audio-entropyd, video-entropyd, software for collecting network traffic timings etc. could be packaged and made to feed rngd. TODO: Ask hmh@d.o if this approach makes sense and is feasible.
[http://csrc.nist.gov/cryptval/140-2.htm FIPS 140-2]
[http://rfc.net/rfc4086.html RFC4086 - Randomness Requirements for Security]
History
Initial announcement (thread starting at http://lists.debian.org/debian-boot/2005/08/msg00195.html)
First code snapshot with mini.iso (2005-08-05) http://decl.org/~max/debian-installer/