Bitcoin Forum
October 01, 2016, 10:19:20 PM *
News: Latest stable version of Bitcoin Core: 0.13.0 (New!) [Torrent]. Make sure you verify it.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: using ecryptfs to protect your wallet  (Read 1126 times)
grondilu
Legendary
*
Offline Offline

Activity: 1134


View Profile
October 21, 2010, 07:48:54 PM
 #1

I guess this could be in the wiki but I post it here first.

I've recently looked for a free alternative to TrueCrypt.

On my Debian system, I've found ecryptfs.  It seems nice because it doesn't require you to encrypt a whole partition.

First, install the package :

apt-get install ecryptfs-utils

Then, create a ~/Private directory.

Setup this directory as your encrypted directory with the command :

ecryptfs-setup-private

(you may need to load the ecryptfs module with modprobe or something)

You will be prompted for your login password and for a optionnal mount password.  Using only your login password is easier since it will save you the typing of an additionnal password.

Relog.

Move your wallet.dat file in your Private directory, and make a symlink :

mv .bitcoin/wallet.dat Private
ln -s $HOME/Private/wallet.dat .bitcoin

That's about it.

You can unmount your private dir with the ecryptfs-umount-private command.

This directory can be used for other sensitive files, such as .fetchmailrc, .ssh/id_dsa, .gnupg and so on.



1475360360
Hero Member
*
Offline Offline

Posts: 1475360360

View Profile Personal Message (Offline)

Ignore
1475360360
Reply with quote  #2

1475360360
Report to moderator
1475360360
Hero Member
*
Offline Offline

Posts: 1475360360

View Profile Personal Message (Offline)

Ignore
1475360360
Reply with quote  #2

1475360360
Report to moderator
1475360360
Hero Member
*
Offline Offline

Posts: 1475360360

View Profile Personal Message (Offline)

Ignore
1475360360
Reply with quote  #2

1475360360
Report to moderator
"Governments are good at cutting off the heads of a centrally controlled networks like Napster, but pure P2P networks like Gnutella and Tor seem to be holding their own." -- Satoshi
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
theymos
Administrator
Legendary
*
expert
Offline Offline

Activity: 2422


View Profile
October 21, 2010, 09:29:04 PM
 #2

I use dm-crypt. You must be root to mount the encrypted device. You can use a file-based container with a loop device.

My mount script:
Code:
losetup /dev/loop0 /encrypted

HASH=`hashalot -s salt sha256 | hexdump -e '32/1 "%02x"'`
echo 0 `blockdev --getsize /dev/loop0` crypt aes-cbc-essiv:sha256 \
$HASH 0 /dev/loop0 0 | dmsetup create hidden

Unmount:
Code:
dmsetup remove hidden && losetup -d /dev/loop0

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!