In this lab you will create an encrypted directory using eCryptfs. Next, you will “mount” the directory in order to access files stored there.
You are working as a System Administrator at a large financial institution and have been tasked with creating an encrypted directory using eCryptfs on a user’s workstation running SUSE Linux Enterprise Server 15. You will need to log into the remote workstation and complete the following tasks to accomplish this:
1. Confirm the kernel module.
2. Install ecryptfs packages.
3. Add a passphrase to kernel keyring.
4. Create directories.
5. Mount the filesystem.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Confirm the Kernel Module
Confirm the kernel module:
sudo modprobe ecryptfs- Install eCryptfs Packages
Install eCryptfs packages using
zyppercommand on SUSE:$ sudo zypper install ecryptfs-utils- Add Passphrase to Kernel Keyring
Add a passphrase to kernel keyring. Be sure to save the key signature, as it will be required when mounting the filesystem:
$ ecryptfs-add-passphrase $ export KSIG=- Create Directories
For encrypted data:
$ mkdir secret-encFor decrypted data:
$ mkdir secret- Mount the Filesystem
Confirm the environment variable
$KSIGwas properly set fromecryptfs-add-passphrasein previous step:$ echo $KSIG $ sudo mount -i -t ecryptfs secret-enc/ secret/ -o ecryptfs_sig=$KSIG,ecryptfs_fnek_sig=$KSIG,ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_unlink_sigs
