Debian Root Partition Encryption Using LUKS, dm-crypt and a Keyfile

The Problem

Debian has offered the option of encrypting your hard drive during installation for some time, however, it only allows you to unlock the drive using a password which is good but not perfect. Unfortunately the installer also doesn't allow you to install to an pre-encrypted hard drive removing the option of setting up an encrypted partition that is unlocked using a keyfile before hand and installing into it.

The Solution

Since the Debian installer does not work with pre-encrypted drives we have to first install Debian on the drive before it's encrypted with /boot being on its own partition; I will explain why in the following paragraph. We'll then backup the installed root partition to another drive, encrypt the partition and restore the contents of the partition. Then we'll need to manually decrypt the drive, chroot it, set up our boot process using initramfs to ensure the dm-crypt module is loaded and configure the system to decrypt the root partition during boot.
There is one thing to bare in mind when dealing with an encrypted root partition. In order to decrypt the root partition the boot partition must be unencrypted otherwise you'll be caught in a catch 22: You'll need to decrypt your boot partition in order to access the logic you need to decrypt your boot partition. So when setting up the base system be sure to create a /boot partition as well.

Things You'll Need

• Debian (A recent enough version which includes the dm-crypt module and the creyptsetyp package. I have read conflicting reports of this being availible on Debian 6 (Squeeze) but it will be availible on Debian 7 (Wheezy) and later as this is the version I used to set this up for myself.)
• A live CD/DVD/USB. I suggest a recent version of Ubuntu for its hardware compatibility and ease of use, however, as long as it has cryptsetup and the dm-crypt module any should work.
• A second hard drive to backup to and restore the root partition from.
• External storage (be it a USB key, SD Card, etc...) that will be used as the key to unlock the system.

Install the Base System

Installing the base system is outside the scope of the article except for the fact that you must put /boot on its own partition. You will be fine with a /boot partition size of ~100MB-200MB however if you want to be safe and have the extra space it doesn't hurt to make it 512MB.

Backing up the Root Partition

We'll use rsync to backup the root partition to another location so it can be restored to the encrypted partition later.

rsync -aAXv --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found", "/boot/*"} /* /path/to/backup/folder

Command Breakdown

Note you should take a look at the rsync man page for a complete breakdown of this command as I will only be giving a high level overview of it.

• -a Archive mode. This is a short cut for the options -rlptgoD and in essence recurse through all sub directories and preserves things like ownership, permissions and symlinks making it useful for backups.
• -A Preserves ACLs (Access Control Lists).
• -X Preserves extended attributes.
• -v Verbose output.
• --exclude={ ... } Folders to exclude during the backup.
• /* Files we want backed up
• /path/to/backup/folder Where we want to backup the root partition to. This MUST be on a different device.

Boot to Live CD/DVD/USB

Make sure your BIOS is set to boot from the specific device, insert it and go! Note that if you use UEFI it can cause issues booting to a Live CD/DVD as it may trump any settings in your BIOS if your BIOS is configured to use it.

Randomize Disk

This step is important since it can become apparent where you encrypted files are on your drive if you have any uniform data on it. A potential attack can then look through your drive bit by bit and pick out where the contents of files begin and end. Then knowing that they can attempt to brute force the encryption knowing that the chunk of data they have is probably contiguous data. In essence this step adds background noise to your drive so it's not apparent where your files are located on the partition. There are two ways to do this, one more thorough then the other.

Using badblocks

This method works well and is considerably faster then the second method (using dd and urandom), however, it doesn't randomize every bit which leaves the potential for this vulnerability to still be exploited

sudo badblocks -c 10240 -s -w -t random -v /dev/sdb

*Where /dev/sdb is the block device you wish to encrypt

Command Breakdown

• -c 10240 specifiers that you want badblocks to you want to have badblocks test 10240 blocks at a time. This amount is quite excessive as the default is 64 but should make the command run faster as it should better fill the write buffer of the drive.
• -s Shows the progress of the process.
• -w This option tells badblocks to write test patterns to each block and read them back to verify the block's integrity.
• -t random Tell badblocks to write random test patterns.
• -v Verbose mode
• /dev/sdb The block device to test

Using dd and /dev/urandom

This is the more complete way to randomize the disk as every bit gets semi-random data written to it but can take upwards of a two or three days for large devices (1GB+). Note we are using /dev/urandom and and not /dev/random as our input source as /dev/random is very slow at picking up random bits and would take an incredibly long time to fill a drive.

dd if=/dev/urandom of=/dev/sdb iflag=nocache oflag=direct bs=4096

Command Breakdown

• if=/dev/urandom The input file to pull data from.
• of=/dev/sdb The out file to push the data coming from the input file to.
• iflag=nocache Don't cache data coming from the input file
• oflag=direct Write directly to the output file
• bs=4096 The block size, in bytes, to write out.

Prepare Keyfile

dd if=/dev/urandom of=/media/myusbkey/keyfile.enc bs=512 count=1 iflag=fullblock

Command Breakdown

• if=/dev/urandom The input file to pull data from.
• of=/media/myusbkey/keyfile.enc The out file to push the data coming from the input file to. This will be the key file that will have to be present in order for your system to boot.
• bs=512 The block size, in bytes, to write out. This size of 512 is an arbitrary choice of mine and matches the maximum passphrase size for dm-crypt which is 512 characters. However, a keyfile can be up to 8192kB in size and one can make the assumption that the larger the keyfile the harder to gain access to the drive it'll be. However, it's important to note that with LUKS the passphrase/keyfile are just used to unlock the master encryption key which is used to decrypt the drive so in this case having a larger keyfile does not necessarily make it harder to gain access to the drive's contents.

Empty the LUKS Header

Full disclosure: I'm not sure this step is necessary as I have not tested the process without it. If I were to make an assumption this is probably done during the encryption process and shouldn't be required to be done manually.
If you haven't already make sure you've created your partitions you're going to use on the drive. From here on out we'll be working on encrypting the partition it self
Note: In the case of a LUKS partitions the header is the first 592 bytes of the partition, however, due to possible issues with partition alignment the encrypted data area of a LUKS partition doesn't start until after the second megabyte of the drive and header backup processes backup the first 2MB of the drive and as such we will be zeroing out the first 2048 bytes of the partition.

Using Head and Redirection

head -c 2048 /dev/zero > /dev/sda2; sync

Command Breakdown

• head: this command prints the specified number of bytes to standard out.
• -c 2048 This is the number of bytes to print out.
• /dev/zero The file to print out
• &gt Redirect standard output to another standard in.
• /dev/sda2 This is the file we want to direct the output to. This is the block device that represents the partition we are going to encrypt.
• ; Separates multiple commands and tells bash to wait until the preceding command returns before executing the next.
• sync Force the write buffer to flush which makes sure the data has been written to the physical disk.

Using dd

dd if=/dev/zero of=/dev/sda2 bs=512 count=4

• if=/dev/zero The input file is going to be /dev/zero
• of=/dev/sda2 The output file is going to be /dev/sda2. This will be the partition we're encrypting.
• bs=512 This is the block size we're writing out.
• count=4 This is the number for blocks we're writing. In total we're writing 4 * 512 bytes (2MB)

Formatting and Encrypting the Partition

cryptsetup luksFormat --verbose -c aes-xts-plain64 -s 512 /dev/sda2 /media/myusbkey/keyfile.enc

Command Breakdown

• cryptsetup This is a convenience tool which makes encrypting and working with encrypted drives much easier.
• luckFormat This is the type of format we're using for our encrypted partition.
• --verbose Make the output verbose so we can see everything that's going on.
• -c aes-xts-plain64 This sets what cypher to use when encrypting the partition. Note that the default cypher prior to version 1.6.0 is "aes-cbc-essiv" and is considered vulnerable to practical attacks and as such has been changed. To be safe we explicitly set to a secure cypher (Source: Arch Linux: Device Encryption).
• -s 512 The key size that is used to encrypt the drive in bits. This number has to be a multiple of 8 and defaults to 256 if not specified.
• /dev/sda2 The device to format
• /media/myusbkey/keyfile.enc The keyfile we wish to use to unlock the device.

Mapping the Encrypted Partition

In order to mount the partition we have to use cryptsetup to open the drive and create a mapped device which we can treat as a regular block device to mount.

cryptsetup luksOpen --key-file /media/myusbkey/keyfile.enc /dev/sda2 cryptroot

Command Breakdown

• luksOpen This option tells cryptsetup that we're opening an encrypted volume.
• --key-file /media/myusbkey/keyfile.enc Tells cryptsetup where to find the keyfile.
• /dev/sda2 The encrypted block device to decrypt.
• cryptroot The name of the mapped device.

Formatting the Encrypted Partition

mkfs -t ext4 /dev/mapper/cryptroot

Command Breakdown

• -t ext4 Specifies a file system type to format to. The default is ext2
• /dev/mapper/cryptroot The device to format. You'll notice we're accessing the device via its mapped name under /dev/mapper/cryptroot instead of /deb/sda2

Mounting the Encrypted Partition/Filesystem

Create a folder that we will mount the filesystem on top of.

mkdir /media/encrypteddrive

Mount the filesystem via it's mapped name

mount -t ext4 /dev/mapper/cryptroot /media/encrypteddrive

Command Breakdown

• -t ext4 The file system type of the device we're mounting.
• /dev/mapper/cryptroot Again we're interfacing with the device via it's mapped name.
• /media/encrypteddrive Where to mount it.

Get UUID of your USB Key

We will need this when setting up decryption at boot as we'll need to specify the location of the keyfile. The most consistent way to do it is by UUID. It also has the added benefit of requiring a specific device to have the keyfile.

blkid

The above command will usually take a few seconds to run and will return the UUID of all of the storage devices connected to the machine. If you're unsure as to which is your USB Key then run the command once without the key being plugged into the machine then again after plugging it in and finding the new device. If your USB key's partition has a label then it should be displayed next to the UUID after running the command making it easy to pick out the USB key.
Record the UUID of your USB Key somewhre; we will use it in a few steps.

Restoring the Root Partition

rsync -aAXv /path/to/backup/folder /media/encrypteddrive

Command Breakdown

Note you should take a look at the rsync man page for a complete breakdown of this command as I will only be giving a high level overview of it.

• -a Archive mode: This is a short cut for the options -rlptgoD and in essence recurses through all sub directories and perservers things like ownership, permissions and symlinks making it useful for backups.
• -A Preserves ACLs (Access Control Lists).
• -X Preserves extended attributes.
• -v Verbose output.
• /path/to/backup/folder Where we have backed up the to.
• /media/encrypteddrive Where we have the partition mounted.

chroot to Encrypted Root

This is a little tricky since we need to mount the current system's transient/device folders and our original boot partition to the encrypted system's root.
Navigate to the root of the encrypted drive.

cd /media/encrypteddrive

Mount the system's transient/device folders (replacing sda1 with the location of your boot partition that was created in the initial system setup):

mount -t ext4 /dev/sda1 boot/
mount -t proc proc proc/
mount -t sysfs sys sys/
mount -o bind /dev dev/

Change Root

chroot .

Add an Entry to the crypttab

Here you will define the encrypted device and how to access it. Add the following to the file:

cryptroot /dev/sda2 /dev/disk/by-uuid/AC257504DA15b214:/keyfile.enc cipher=aes-xts-plain64,size=512,hash=ripemd160,keyscript=/lib/cryptsetup/scripts/passdev

Where AC257504DA15b214 is the UUID of your USB Key. The rest of the parameters match those we used when using cryptsetup to create the LUKS partition with two exceptions: cryptroot and hash=ripemd160. cryptroot is the mapping name we will use when refering to the drive in our fstab, hash=ripemd160 is the default hash used when using cryptsetup but it has to be specified here explicitly.

Update fstab

We have to update fstab to point to the new mapped root. Update /etc/fstab with the following in place of its root entry:

/dev/mapper/cryptroot / ext4 defaults 0 1

Update initramfs

Run the folloing command

update-initramfs -u

This is a tool that will re-tool your boot process given your current configuration including setting up the auto discovery of your encryption key and decrypting your root partition

Reboot

If all went well you should now be able to reboot (with your Live CD/DVD/USB removed) and the system will boot into Debian as long as the specific USB key with the keyfile on it is plugged into the machine.

Sources

• Arch Linux: Disk Encryption
• Arch Linux: Securely Wipe Disk
• Arch Linux dm-crypt/Device encryption
• Uwe Hermann HOWTO: Disk encryption with dm-crypt / LUKS and Debian [Update]
• Initramfs Documentation (Local to Debian Installation: /media/newroot/usr/share/doc/cryptsetup/README.initramfs.gz)

Python Boilerplate

What is it?

Basically, what it does is allow you to make your code modular by allowing you to put your execution code into a main function which is run when the file itself is run by the Python Interpreter. This means that you can then import this file in another without executing main code in order to make use of its methods.

The Code

The important part of the template is the final two lines. The call to main() will only be executed if this file was invoked by the Python interpreter.

### Boilerplate if __name__ == '__main__': main()

Learning Unity 02: Movement

A Little Frustration

I took a break from this project out of misplaced frustration (and increased work load). What triggered this frustration was a misunderstanding I had about how Unity GameObjects were intended to be used.
I had originally planned to have an inheritance structure between my GameObjects that went GameObject > Mobile > UnitMobile. However, when I went to implement the Interact (movement) action in my Mobile base class I had to create the inheritance. And to my annoyance Unity sealed the GameObject class which means it cannot be inherited. Bummer.
Coming back to the project several weeks later I decided to rework my design which led me to, at first, implementing a MobileInterfce interface which UnitMobile, extending MonoBehaviour, would implement. This had the benefit that MobileInterface could not be instantiated itself and would force UnitMobile to implement all methods that are necessary for it to work. However, this could lead to code duplication as I implement the Mobile interface for other classes. Then, thanks to a remark from a colleague, the idea of using Abstracts for the Behaviour was created. This satisfies all my requirements better than my original design. It allows me to implement base methods (such as Move) in the Mobile abstract class while requiring the extended class to implement all abstract methods (such as the InteractWith method) which must exist due to coupling between the UnitManager and UnitMobile classes. (I know coupling is usually a bad thing but direct method calls are far cheaper then a message system).
So, in summary, my misunderstanding was that I didn’t know Unity’s intent with the GameObject. Unity intends everything that exists in a scene to be just a GameObject. This means no casting or type checking is needed when working with GameObjects. When you need to interact with the behaviours/components of a GameObject you can get their instances from the GameObject directly. Then these behaviors/components are actually the driving pieces of the system and the game objects themselves are just, in essence, decoration as well as a container for instance objects (scripts and components).

Overview Of Changes

• I recreated the base scene so I could be sure that it’s easy to to implement the ClickController and Managers.
• I changed my naming prefix convention for my base empty GameObjects:
  • ~ Managers and Controllers
  • + GameObject, Cameras and Lights
• Changed my approach to the Mobile/UnitMoible relationship. I now use an Abstract class for Mobile.
• Added handling for interactions (default right click) into the UnitManager and Mobile classes.
  • The Unit manager will issue an Interact command to all selected UnitMobiles
  • The Unit manager will issue an InteractedWith command to any UnitMobile that was clicked when issuing the command.
• Implemented a simple Move method in the Mobile class which sets a target to move to.
• Implemented the FixedUpdate() method which will move toward the set target by looking at it and applying force to to move it forward. It will only do this if target is set and it is not within its set deadzone to that target.
• I added the GNU Licence to all source files. I chose this specific license because I’d prefer people not to have people make money off of my work without my consent. The intent of this project is for me and others to learn and contribute.
• Using a Mono profile I changed the coding standards to more conforme to my personal tastes. I included this profile if anyone else likes it and so I don’t have to recreate it if I format my system later.

Specifics

The Abstract Mobile

abstract public class Mobile:MonoBehaviour{ public float speed = 50; public float deadRange = 1;

Here are the two defaults for speed and deadRange. For those, like me, who hate seeing Magic Numbers inside code I will be moving these to a cosntants solution once I find one that I like in Unity. Chances are this will be a manager class that extends MonoBehaviour so I can change the constants from Unity.

abstract public void InteractWith();

We want each mobile to handle an InteractWith action as it needs to exist to satisfy the coupling between the UnitManager UnitMobile

public void Move(Vector3 location){ logger.debug(gameObject.name + " Moving to " + location); target = location; }

A Move is issued from the UnitManager and simply sets a target for each selected UnitMobile. The actual code that moves the unit is in FixedUpdate.

public void FixedUpdate(){ if(target != null){ logger.trace("target != null"); float distance = Vector3.Distance(transform.position, (Vector3)target); logger.trace("The distance to target is " + distance); if(distance > deadRange){ logger.trace("target not in range"); gameObject.transform.LookAt((Vector3)target); Vector3 force = speed * transform.forward; rigidbody.AddForce( force * Time.smoothDeltaTime ); } } }

This is pretty straight forward. If target is set and we’re not too close to it (defined by deadRange) look at it and apply force forward.

UnitMobile

public class UnitMobile : Mobile{ public UnitMobile(){ logger = new Log(this.GetType()); } public override void InteractWith(){ logger.debug(gameObject.name + " received notification that it is being interacted with"); } } }
The InteractWith method must be implemented even if it’s just a stub as the UnitManager assumes it exists in all UnitMobiles.

UnitManager

private void InteractActionHandler(GameObject targetGameObject, Vector3 location, List<keycode> modifiers) { logger.debug("Interact on " + targetGameObject.name); //Tell selected units an interaction has occured InteractWithSelectedUnits(targetGameObject, location); //Tell targeted unit that it is being interacted with NotifyInteractionWithUnit(targetGameObject); }
If we have an Interact action (Right Click) tell our selected units and the GameObject that was clicked on.
private void InteractWithSelectedUnits(GameObject targetGameObject, Vector3 location) { foreach(GameObject selectedUnit in selectedUnits){ UnitMobile unitMobile = (UnitMobile)selectedUnit.GetComponent(typeof(UnitMobile)); unitMobile.Move(location); } }
Calls the Move method of each selected UnitMobile. Note that in the future I see this interaction being abstracted as the UnitMobile will have multiple responses to an Interact action depending on context (such as attack, patrol, repair, etc.)
private void NotifyInteractionWithUnit(GameObject targetGameObject) { UnitMobile targetUnit = (UnitMobile)targetGameObject.GetComponent(typeof(UnitMobile)); //If we clicked on a UnitMobile if(targetUnit != null){ targetUnit.InteractWith(); } else { logger.debug("Interaction with " + targetGameObject.name + " detected. Since this object is not a mobile it" + " does cannot respond to the interaction"); } }
We first get the UnitMobile compnent of the GameObject. If it did have a UnitMobile component then we call the InteractWith method on it, otherwise its not something we know how to deal with so we don’t do anything with it.

Other Notes

I’ve been thinking about the abstraction layer (mentioned in the note regarding the InteractWithSelectedUnits method mentioned above). My current thoughts are to create a Handler/Message system that is coupled with specific unit types. Then a Unit would subscribe (depending on the type of unit) to any handler that it can perform. The UnitManager would then tell the handlers to pass along the message to a specific UnitMobile and if that instance is subscribed to the handler the message will be passed. This removes the coupling between the UnitMobile and the UnitManager but does create a coupling between these handlers and their specific unit types. I’ll have to sit down and work though a few use cases but in the mean time if anyone who reads this has feedback about it leave it below.

[Update] Next Steps: Simple Pathfinding

The next step is to implement a primitive pathfinding system. I have looked into several boxed versions of AI and Pathfinding implementations as well as the premium NavMesh feature of Unity.
I’m leaning toward implementing this myself for several reasons:

• I’ll have full control to implement and modify this however I want.
• It’ll be free.
• It’ll be fun! And I’ll get to learn a thing or two about Game AI.

Over the next few days I will be researching Game AI both with Unity and in general to get an idea of a good way to implement this. My current thought is to make either an intelligent world (ie. terrain or plane)or an overlapping intelligent mesh that will define accessible paths.

Source

I’ve tagged the source at v0.2 and it can be obtained here: Bitbucket: Unity Strategy Game Development v0.2

Java Keystores: A Quick Reference

Overview

One of the biggest headaches I have to deal with are web services with self signed SSL certificates for web services. This is a common issue for applications in development because development and preview environments rarely have properly signed certificates. So in order to debug and develop you have to get around this.

Get the Certificate

Perhaps this is the lazy way of getting a certificate for a self signed web service but it does work and it's fairly easy. You simply use your browser (Chrome or Firefox).

1. Navigate to your WSDL
2. Click the lock icon in the navigation bar to the left of the URL
3. If you're using Chrome (See the screen shot below for an example):
1. Click the Connection Tab
2. Click the Certificate Information
3. Click Details
4. Click Export
4. If you're using Firefox:
1. Click More Information
2. Click View Certificate
3. Click Details
4. Click Export
5. Select a location you can easily access and click Save

Exporting a SSL certificate in Chrome

Add the certificate to your Keystore

1. Open a terminal and navigate to where you saved the certificate and execute the following command:
2. keytool -import -trustcacerts -alias myAlias -file mycert.ca --keystore mykeystore.jks. There are several things to note here:
   • -trustcacerts will probably not help but its a nice to have. Basically if the root certificate is already in your cacerts file located at jdk/jre/lib/security/cacerts you wont be pestered about accepting this certificate via a yes/no prompt.
   • -alias this is a unique name that identifies the certificate. Usually the domain name the certificate belongs to is a good choice here.
   • -file this is the certificate file you downloaded via your browser
   • --keystore (optional) this is the keystore you're going to store the certificate in. If it doesn't already exist it will be created. If this option is left out the user's keystore will be used.
3. You will be prompted for the keystore password. By default this is changeit if you left the --keystore option off. If you're creating a new keystore this will be its password.
4. If asked about importing the certificate type "yes" and hit enter.

Using a non-default keystore in Java

This is done by including 3 JVM options when running your java application:

• Dsun.security.ssl.allowUnsafeRenegotiation=true 
• Djavax.net.ssl.trustStore=/path/to/your/keystore
• Djavax.net.ssl.trustStorePassword=changeit

For example executing an application with a custom keystore would look like this:

java -Dsun.security.ssl.allowUnsafeRenegotiation=true -Djavax.net.ssl.trustStore=/home/bradley/liferay-preview-keystore -Djavax.net.ssl.trustStorePassword=changeit -jar myapp.jar

A Trick When Working with Multiple Environments

Since it's better to develop and debug with an environment that mimics your preview and production environments I've taken to copying the java keystore in our preview environments, which is  managed by our middle ware team and/or application admins, to my local machine and have my local environments/applications use it instead of importing certificates manually. This file is located at <JDK>/jre/lib/security/cacerts (In my case the full path is:  /usr/lib/jvm/java-7-oracle/jre/lib/security/cacerts). What this accomplishes is guaranteeing that my environment has the same certificates as our preview instance. Couple this with setting up an SSH tunnel to our preview instance for the application running locally and development and migration between dev and preview environments for applications that consume a web service becomes trivial.

A Tool For Working with Web Services

A critical tool for debugging and setting up a web service/client is SoapUI. This application allows you to load a WSDL, either remotely or locally, and it will generate a SOAP envelope that you can use to query the web service. The results of the query are then returned and displayed in SoapUI.

A word of caution: I've had a lot of trouble getting SoapUI to use keystores I've set up via the GUI. If you're running into this problem you can use the instructions in the "Using a non-default keystore in Java" section and add the JVM options to SoapUI/bin/soapui.sh. Once I did this my SSL certificates were recognized (even though the exact same keystore was set up in SoapUI's preferences and my project) and everything worked perfectly.