Page 2 of 2

How To Encrypt Your Home Folder in Linux

In this post I give a short explanation of how to encrypt your home folder in Linux. Why should you encrypt your home folder? When you use a laptop and you take it with you all the time it’s important to protect it. Unfortunately a good log-in password isn’t enough to stop someone from accessing your data when your laptop gets stolen. Your log-in password can be circumvented with any Linux Live CD. Therefore it’s important to encrypt your data and I will explain how you can do that on your (installed) Linux laptop. This how-to is written for Linux Mint (Debian) but it should also work for other distributions (like Ubuntu). You can use it to encrypt your home folder after installing Linux.

Step 0: Backup your (unencrypted) home folder

Before you start, you should backup the important files in your home folder. You can do this by copying your home folder to an external drive or by using cloud storage. But this shouldn’t be a problem because you should always have backups ūüėČ (if you don’t, read this).

Step 1: Install the ecryptfs-utils package

You can do this using the command:
sudo apt-get install ecryptfs-utils

Step 2: Configure the ecryptfs module to load at startup.

You do this by adding ecryptfs to the /etc/modules file.

Step 3: Restart your system so that the ecryptfs module loads.

Step 4: Log in as root in a terminal

BEFORE you log in with your regular user name in the (graphical) log-in window, go to a non-graphical log-in terminal by pressing CTRL+ALT+F1. There you log in as root.

Step 5: Start the encryption of your home folder

In the terminal where you logged in as root, enter the following command where you replace USERNAME with your own username:
ecryptfs-migrate-home -u USERNAME

The script will ask you to fill in the password of your normal Linux account (of which you want to encrypt the home folder). After that the encryption starts. This can take a while depending on the number of files you have in your home folder. Wait for the encryption to complete.

Step 6: Log in with your username and password

DO THIS BEFORE REBOOTING YOUR SYSTEM! Go back to the graphical log-in window by pressing CTRL+ALT+F7. Log in and verify that your files are still present and that you can read them. If this is not the case, you should restore the backup you made in step 0 or the backup generated by the script that looks like USERNAME.d5JafeTE (in the home directory).

Step 7: Backup your randomly generated mount passphrase

The ecryptfs utility generated a mount passphrase that is necessary to mount your encrypted data. The mounting happens automatically when you log-in but not when approaching the data from another Linux installation (like a live CD). Then you need to give the mount passphrase and that’s why you should save it on some external medium. You can display your current mount passphrase using the command:
sudo ecryptfs-unwrap-passphrase

Step 8: Restart your system and verify your data again.

Just to be sure, restart your computer again and verify that you can read your data after logging in.

Step 9: Remove the backup folder generated by the script

After you made sure that your data is alright, you can remove the backup of your home folder that was generated by the script. This folder is located in /home and looks like USERNAME.d5JafeTE

Step 10: Enjoy your newly encrypted home folder.

I would like to end this post with some remarks:

  • The encryption of your home folder has a noticeable impact on the performance of your system. The impact is minimal and your system stays absolutely usable. Just take it into account when doing this.
  • Make sure you have unencrypted backups of all your data for when your Linux system breaks and you lost your mount passphrase (or the encryption went corrupt). When your data is encrypted, there is no way of retrieving it with a live CD.
  • Dropbox and SpiderOak have no problem with the encryption and your data is readable when you access it from another SpiderOak or Dropbox client (on a different computer). It is possible that they start uploading after the first reboot, but they only upload information about the ‘last-modified’ meta data of the files (and that changed since the files where encrypted). I haven’t tested with other could storage solutions, but I expect that they’ll behave in a similar way.

Happy encrypting!

Improving the Security of Your Online and Mobile Life

The past few days I’ve been busy working on the security of my online and mobile life and in this post I want to share the things I learned while doing so. I will also discuss some great apps I discovered that can help you improve your security A LOT! These are the apps that I personally use or think that are worth mentioning. If you have suggestions of your own, please feel free to leave them in the comments bellow. Some of the links mentioned in this post are referral links. When using that link to register to the corresponding service, we both get some benefit ;-).

Passwords, Passwords and More Passwords

Do you also have a ton of accounts on different websites and forums? And do you also use only one to seven passwords you know by heart? If you do, than you’re in the same situation I was almost two years ago. ¬†The problem with having only seven passwords you (can) remember is that on a lot of sites you use a duplicate password. And if one of those sites isn’t that securely protected or if your password wasn’t that strong, then you have a problem.

Another issue with passwords is that they are hard to remember. If you want to properly protect your personal email, PayPal or even Facebook and Twitter account, you better create a long password containing more than¬†15¬†characters. Plus your password should contain small letters, capitalized letters, numbers and symbols and should not be easy to reconstruct. A rule of thumb is that the more ‘random’ your password is, the more secure it is.

But remembering a random password of more than 15 characters isn’t easy. It’s even more difficult to remember one for each different website (or social network) you register. And here is where a good password manager comes in. Before I always felt like that a password manager limited me because when I use a friend’s computer, I don’t have my passwords with me (because he doesn’t have the same, or no password manager). But then I realized that in 98% of all the sites I log in to, I’m doing it on my own computer. So I only have to remember passwords for those other 2% which I do access from other computers and this is what convinced me to use LastPass!

LastPass is a password manager that works almost literally on every platform and every Internet browser. It also provides seamless synchronization but the one feature that makes LastPass for me the best password manager is the way they store and secure your passwords. All your passwords are locally encrypted on your computer using a key based on your master password and then sent to the LastPass servers. ¬†So the people at LastPass can never see your (unencrypted) passwords (or the website where you have an account) and your master password is never sent to LastPass. This makes LastPass very secure to use and I’m not the only one who thinks that. A drawback of this is that there is no “forgot my password” function. They also give you other cool tools like a generator for secure passwords, mobile applications, a security check tool to keep you sharp, multi-factor authentication… And almost all these features are completely FREE! But LastPass is just my favorite, there are also many alternatives.

Backups, Backups and Synchronization

The next thing I would like to this discuss is backup software. Everyone should make backups of their files but I know too many people who still don’t. And this while, with the emergency of cloud storage, making backups has never been so easy!

Another problem I have is that I use many different¬†devices¬†and platforms. I use my laptop which runs Windows and Linux. I also own an old desktop computer which I use ¬†now and then and I have my smart phone. If you also use multiple devices, you know that having all your files in one place is difficult and that they’re always in the wrong place.

But luckily there are two (and more) great applications that solve both problems: Dropbox and SpiderOak. I don’t think Dropbox needs any introduction and I recommend it to most (inexperienced) friends because of its ease of use. But I want to give some more attention to¬†SpiderOak¬†that I discovered after reading this article on Ars Technica. SpiderOak is a bit more complicated to use and setup than Dropbox and it isn’t that feature rich (like uploading files through the web interface, a mobile photo and file viewer…) but it has one big advantage over all other cloud storage applications: security and privacy. Very similar to LastPass, SpiderOak encrypts your data locally with a key based on your password and then sends the encrypted data (in different blocks) to the SpiderOak servers. Your password is never sent or stored at the SpiderOak servers so they have no way to actually read or use your data. In this way they¬†guarantee¬†your privacy.¬†SpiderOak also handles local backups, synchronization, sharing and online access. They also offer a nice educational discount which is very¬†convenient¬†in my case. If you want an alternative to SpiderOak, there is Wuala. They do about the same as SpiderOak but I haven’t tried it myself. So let me know what you think about it in the comments below if you used it.

I’m currently using both SpiderOak and Dropbox. I use Dropbox for easy¬†synchronization¬†and sharing with friends who exclusively use Dropbox. And I’m using SpiderOak to back up and synchronize more personal data (like pictures, videos, contact details, thesis, research stuff…) because of it’s added security and privacy.

It’s small, smart and when you lose it, you have a problem

To finish this post (before it gets too long) I want to tell you about something I realized only a few days ago. I have an Android smart phone with a lot of different apps. I use it as my phone but also to check my email, manage my calendar, update my blog… But then I suddenly realized that my phone knows a lot about me. And with all those apps, it has access to a lot of my online accounts. It¬†startled¬†me even more that the only protection that my phone offered is an unlock key or pattern.

I started my quest to find an app that fixes this issue and there are actually a lot (strange that I didn’t saw them earlier). These are the ones I selected: Kaspersky Mobile Security, Lookout Security & Antivirus¬†and Norton Antivirus & Security (these are links to the Android apps, but most of them have iOS versions too). All these apps offer antivirus scanning but also, and more relevant to my problem, remote locking and wiping of your phone. So if you lose your phone, you can send a message to it (either by SMS or the Internet) and then the application will lock your phone and/or wipe all personal data from it. When you locked your phone and you find it again, you can unlock it with some secret code.

Conclusion

LastPass is really a must-have because having different, secure passwords for every account is very important and LastPass helps you with this for free and in a very secure way. Having (off-site) backups of your data is also very important but privacy is a major concern here. I think SpiderOak and Wuala are the only cloud storage providers that offer you complete privacy and security, so I recommend that you give them a try. Your smart phone probably has access to a lot of your personal data so protecting it is very important. Therefore you better install a remote locking and wiping application so losing your smart phone doesn’t end in a personal catastrophe.

That’s it for today! I hope you discovered some new, interesting applications and that you use them to improve the security of your online and mobile life.

Stop the blinking wireless LED in Linux

I’ve recently had some problems with the wireless LED of my laptop in Linux. I have a Intel WiFi Link 5100 but this also applies to other Intel WiFi cards.¬† The LED that indicates that my WiFi is enabled or not, was blinking every time the WiFi card transmitted or received data. This seems like some special feature Intel introduced but it is really very annoying! Luckily you can stop the blinking, but this depends on your kernel version so make sure to look into the right section. I’m posting solutions for Linux Mint (Debian), Ubuntu and Arch Linux but I think this will also work for other distros.

Kernel version lower than 3.2.0

Put this text

options iwlagn led_mode=1

in the following file (possibly you have to create the file):

  • Linux Mint (Debian) or Ubuntu: /etc/modprobe.d/iwlagn.conf
  • Arch Linux: /etc/modprobe.d/modprobe.conf

Now restart your system or reload the WiFi driver using:
sudo -i
modprobe -r iwlagn && modprobe iwlagn

If that doesn’t work, you can try putting the following in the same file:

options iwl_legacy led_mode=1

Kernel version greater or equal to 3.2.0

Put this text

options iwlwifi led_mode=1

in the following file (possibly you have to create the file):

  • Linux Mint (Debian) or Ubuntu:¬†/etc/modprobe.d/wlan.conf
  • Arch Linux: /etc/modprobe.d/modprobe.conf

Now restart your system or reload the WiFi driver using:
sudo -i
modprobe -r iwlwifi && modprobe iwlwifi

If that doesn’t work, you can try putting the following in the same file:

options iwlegacy led_mode=1

This fixed stopped the blinking on my laptop and I hope it also works for you!

LaTeX Template for Use Cases

This is just a quick post about a \LaTeX template I recently created. I’m currently doing a project on Software Architecture (designing a big and complicated application) and we had to write lots and lots of use cases. I searched the Internet for a nice \LaTeX template or environment to write my use cases in, but I couldn’t find one. Therefor I created my own usecases package that adds an environment to write use cases in. I based my package on this post. You can download the template, style file and an example PDF HERE.

To use the package, please follow these steps:

  1. Drop the file usecases.sty in the same folder as your root \LaTeX file.
  2. Include the usecases package in the preamble of your root file with the command:
    \usepackage{usecases}
  3. Within your document, you can now use the usecase environment (make sure to take a look at the template file)

I’ll also give you a short manual:

  • \begin{usecase} ... \end{usecase}: These commands define the use case. All the following commands should be within this environment.
  • \addtitle{Use Case X}{Title}: This should be the first command you use in the use case environment. You can use it to show the use case number and the title.
  • \addfield{Property:}{Value}: With this command, you can add a line with a use case specification. For example preconditions, postconditions, scope…
  • \additemizedfield{Property:}{\item Value}: This command is similar to the \addfieldcommand but the values (must) appear in a bullet list.
  • \addscenario{Scenario Name:}{\item Xth step}: Here you can specify the main (or an alternative) use case scenario. There are examples of both in the template.

In the file usecases.sty you can easily change the style for the use cases. The template you can download is based on the use case template presented in the book Applying UML and Patterns: An Introduction to Object-Oriented Analysis and Design and Iterative Development (3rd Edition) by Craig Larman. Don’t expect too much of this template, I just created it for my project.

I hope this is useful to someone!

DOWNLOAD TEMPLATE >>>

Creating my own little space on the Internet

This is the first blog post on my new blog! In this post I would like to explain what the purpose of this blog and website is and why I created it. I’ve set up this website because I wanted “my own space” on the Internet. There are three main reasons for that:

1. Contribute to the general knowledge of the Internet

This is a first and also fairly ambitious goal. When I’m developing software or doing some other task, the Internet (and it search engines) are my best friends and my main source of information. When I run into a problem, most of the time I use the ‘general knowledge’ on the Internet to solve it. When I’m¬†buying¬†a new gadget, I look for user reviews and opinions on the Internet to make the best buy. And after making use of this knowledge for so many times, I decided to give something back to ‘the Internet’.

I will do this by posting tutorials, how-to’s, reviews, specifications, solutions to problems I run into… on my blog. So my blog doesn’t really have a fixed subject and that is how I want it. It is made to be indexed by search engines and for people querying the knowledge of the Internet to be found.

2. One space to rule them all!

A second purpose of this web space is creating one¬†single website where people can find me. With all those different social networks I have a lot of different profiles on different sites. So when I meet new people, this is a recurring scenario: “Let’s keep in touch! This is my Facebook profile… and here is my Twitter profile… Oh and this is my LinkedIn profile and my e-mail…”. And after giving him a lot of links, I would still forget half of them. And personally I also think it is confusing that there are multiple pages (URI‘s) representing me on the internet.

So I wanted to create a space on the Internet where I could concentrate all these profiles and all the information about me. It will be like my personal social (media) hub. I will be integrating my social media profiles into this site and maybe I will experiment with creating a wall or something like that…

3. Representing myself on the Internet in my own way.

This final reason is somewhat related to the previous one. The limitation that social networks and other websites have is that you don’t have full control over your own profile and the content you provide. But with a site of my own, I do have full control: I can write what I want, in the layout that I want and when I want. And most importantly… I own every thing I publish (which is quite different in some social networks). I just wanted a place¬†that comes with no tricks or large “Terms of¬†agreement”.

But this site will also be about me, like a kind of ‘portfolio’ including (completed) projects. Maybe I’ll even add a gallery in the future…

I hope I can keep up maintaining this website and publishing (useful) content on it for many years. Nevertheless I wish you a happy reading!

ATI Mobility Radeon HD 3650 on Linux/Ubuntu

*** This post was imported from my previous blog, last edit on 17/11/2012 ***

Posted by Tom Desair Sep 11, 2009 12:10:54

After cruising the internet for several days I’ve been able to install the proprietary Linux drivers from ATI for my Mobility HD 3650 on my HP EliteBook 8530p.

Here’s a small how-to for the installation:

First follow this guide: http://wiki.cchtml.com/index.php/Ubuntu_Precise_Installation_Guide using the “Installing the drivers manually ” section.

*WARNING*: The last supported driver version for this card is 12-6. Download it using the command:
wget http://www2.ati.com/drivers/legacy/12-6/amd-driver-installer-12.6-legacy-x86.x86_64.zip

*WARNING 2*: Several people told me that there are problems with Ubuntu 12.10 and its version of X.Org server. I don’t have a solution to this yet because I use Ubuntu 12.04 at the moment.

BUT BEFORE YOU RESTART you also have to run the following command:
sudo aticonfig --acpi-services=off

Now you’re good to go and you can restart your system. Normally everything should be working fine. If this is not the case, you can uninstall the ATI driver using:
sudo apt-get remove --purge fglrx*

And then replace the xorg.conf file with the original one (both found in the /etc/X11/ directory)

Installing the proprietary drivers also increases a lot the battery life of the HP 8530p because now you can use ATI’s PowerPlay. Let me know in the comments below if this worked for you or not and if you are still experiencing problems with the driver.

Greetz and good luck,

Tom

© 2017 Tom's Webspace

Theme by Anders NorénUp ↑