In this lab you will create an encrypted directory using eCryptfs. Next, you will “mount” the directory in order to access files stored there.
You are working as a System Administrator at a large financial institution and have been tasked with creating an encrypted directory using eCryptfs on a user’s workstation running SUSE Linux Enterprise Server 15. You will need to log into the remote workstation and complete the following tasks to accomplish this:
1. Confirm the kernel module.
2. Install ecryptfs packages.
3. Add a passphrase to kernel keyring.
4. Create directories.
5. Mount the filesystem.
Successfully complete this lab by achieving the following learning objectives:
- Confirm the Kernel Module
Confirm the kernel module:
sudo modprobe ecryptfs
- Install eCryptfs Packages
Install eCryptfs packages using
zyppercommand on SUSE:
$ sudo zypper install ecryptfs-utils
- Add Passphrase to Kernel Keyring
Add a passphrase to kernel keyring. Be sure to save the key signature, as it will be required when mounting the filesystem:
$ ecryptfs-add-passphrase $ export KSIG=
- Create Directories
For encrypted data:
$ mkdir secret-enc
For decrypted data:
$ mkdir secret
- Mount the Filesystem
Confirm the environment variable
$KSIGwas properly set from
ecryptfs-add-passphrasein previous step:
$ echo $KSIG $ sudo mount -i -t ecryptfs secret-enc/ secret/ -o ecryptfs_sig=$KSIG,ecryptfs_fnek_sig=$KSIG,ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_unlink_sigs