A user comes to you and explains that she needs some form of encrypted file system to store sensitive information on a Flash drive.
The Flash drive will be used to transport the sensitive data between work and home and she is worried about loosing the drive and having the data stolen. Both machines, the one at home and the one at work, use the same Linux OS.
She has the following requirements:
She does not want to encrypt individual files as she has to deal with a large number of files.
She wants it to be as transparent as possible.
She thinks she will only need about 64MB at most.
She wants to also use the ash disk for transporting unencrypted les. Files that can be read on machines apart from her work and home machines.
A 64MB file that contains an encrypted file system, stored on the Flash drive would appear to be ideal|
a. Create a 64MB encrypted file system in a file on a Flash drive so that it can be used with the cryptmount command.
Document and explain in your own words every command you use (plus any command line options) and any conguration files you modify or create. Your descriptions of each operation need to show you understand the purpose of the operation.
Note: If you are uncertain why a particular command or command line option is required|ask! There is at least one step and command line option that you cannot understand from the information in the man page alone! It will require some research!
b. Things you must also address and explain:
how to ensure that the Flash drive has exactly the same mount point each time it is used on dierent machines. If it does not have the same mount point then how do you congure cryptmount paths?
how to manage the file-system encryption keys.
c. Write an instruction sheet for the user so that she can make the modications to her home machine so that she can access the file on the ash drive containing the encrypted file system. Also explain how she would use the filesystem in her day-to-day work.
You may assume that she has root access to be able to configure her home machine to mount an encrypted file-system