Saturday, March 10, 2012

HOWTO : Encrypt/Decrypt BackTrack 5 R2 with Passphrase

Credit to : Infosec Ramblings and

Step 1 :

The hard drive partitioning is as the following :

/dev/sda1 for /boot
/dev/sda5 for /

Assume the hard drive is band new.

fdisk /dev/sda

* where +4G is set to 4GB for the /dev/sda1 as /boot. You can set it to +1024M or smaller.

Step 2 :

cryptsetup -y -c aes-xts-plain -s 512 luksFormat /dev/sda5
cryptsetup luksOpen /dev/sda5 haktop

* where haktop is the device label

Step 3 :

mkfs.ext2 /dev/sda1
mkfs.ext4 /dev/mapper/haktop

Step 4 :

Install BackTrack 5 R2 as is. However, select custom partitioning. Do not format the partitions. Select /dev/mapper/haktop as ext4 and / while select /dev/sda1 as ext2 and /boot.

Make sure the bootloader is installed at /dev/sda.

Step 5 :

Once the installation is completed, select "Continue testing" and do not reboot the system.

mkdir /mnt/haktop

mount /dev/mapper/haktop /mnt/haktop/
mount /dev/sda1 /mnt/haktop/boot

chroot /mnt/haktop/

mount -t proc proc /proc
mount -t sysfs sys /sys/

Step 6 :

Get the UUID of sda5 by opening another terminal :

blkid /dev/sda5

Copy down the UUID of the /dev/sda5.

nano /etc/crypttab

haktop /dev/disk/by-uuid/<UUID Key> none luks

Step 7 :

nano /usr/share/initramfs-tools/scripts/local-top/cryptroot

Locate the following :

# Try to get a satisfactory password $crypttries times
   while [ $crypttries -le 0 ] || [ $count -lt $crypttries ]; do

Change to :

echo "Unlocking the disk $cryptsource ($crypttarget)"
while [ $crypttries -le 0 ] || [ $count -lt $crypttries ]; do

Locate the following :

if [ -z "$cryptkeyscript" ]; then
   cryptkey="Unlocking the disk $cryptsource ($crypttarget)\nEnter passphrase: "
if [ -x /bin/plymouth ] && plymouth --ping; then

Change to :

if [ -z "$cryptkeyscript" ]; then
   cryptkey="Enter passphrase: "
if [ -x /bin/plymouth ] && plymouth --ping; then

Step 7a :

update-initramfs -u


Now, reboot the system. The bootup will halt at the wallpaper of BackTrack 5. Just press F8 and deleted the prompted "****" and then enter your passphrase to boot the system.

Or, you can just key in the passphrase when the bootup process is stopped at the wallpaper.

Step 8 : (Optional)

If you do not want to press F8, you can delete the "splash" from the following line.

nano /boot/grub/grub.cfg

Locate the following :

linux /vmliunx-3.2.6 root=/dev/mapper/haktop ro text splash vga=791

To make it look likes :

linux /vmliunx-3.2.6 root=/dev/mapper/haktop ro text vga=791

Then, you will be prompted for entering your passphrase on every boot up.

Step 9 :

After the system is boot up, it is required to create swap file.

dd if=/dev/zero of=/swapfile1 bs=1M count=8192

* Where count=8192 is 8GB

mkswap /swapfile1
chown root:root /swapfile1
chmod 0600 /swapfile1

swapon /swapfile1

nano /etc/fstab

/swapfile1 swap swap defaults 0 0

Then reboot the system.

See Also : HOWTO : Encrypt/Decrypt BackTrack 5 R2 with USB stick

That's all! See you.