Bitcoin Forum
December 14, 2017, 03:54:03 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: using ecryptfs to protect your wallet  (Read 1260 times)
grondilu
Legendary
*
Offline Offline

Activity: 1134


View Profile
October 21, 2010, 07:48:54 PM
 #1

I guess this could be in the wiki but I post it here first.

I've recently looked for a free alternative to TrueCrypt.

On my Debian system, I've found ecryptfs.  It seems nice because it doesn't require you to encrypt a whole partition.

First, install the package :

apt-get install ecryptfs-utils

Then, create a ~/Private directory.

Setup this directory as your encrypted directory with the command :

ecryptfs-setup-private

(you may need to load the ecryptfs module with modprobe or something)

You will be prompted for your login password and for a optionnal mount password.  Using only your login password is easier since it will save you the typing of an additionnal password.

Relog.

Move your wallet.dat file in your Private directory, and make a symlink :

mv .bitcoin/wallet.dat Private
ln -s $HOME/Private/wallet.dat .bitcoin

That's about it.

You can unmount your private dir with the ecryptfs-umount-private command.

This directory can be used for other sensitive files, such as .fetchmailrc, .ssh/id_dsa, .gnupg and so on.



1513266843
Hero Member
*
Offline Offline

Posts: 1513266843

View Profile Personal Message (Offline)

Ignore
1513266843
Reply with quote  #2

1513266843
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513266843
Hero Member
*
Offline Offline

Posts: 1513266843

View Profile Personal Message (Offline)

Ignore
1513266843
Reply with quote  #2

1513266843
Report to moderator
1513266843
Hero Member
*
Offline Offline

Posts: 1513266843

View Profile Personal Message (Offline)

Ignore
1513266843
Reply with quote  #2

1513266843
Report to moderator
1513266843
Hero Member
*
Offline Offline

Posts: 1513266843

View Profile Personal Message (Offline)

Ignore
1513266843
Reply with quote  #2

1513266843
Report to moderator
theymos
Administrator
Legendary
*
expert
Offline Offline

Activity: 2870


View Profile
October 21, 2010, 09:29:04 PM
 #2

I use dm-crypt. You must be root to mount the encrypted device. You can use a file-based container with a loop device.

My mount script:
Code:
losetup /dev/loop0 /encrypted

HASH=`hashalot -s salt sha256 | hexdump -e '32/1 "%02x"'`
echo 0 `blockdev --getsize /dev/loop0` crypt aes-cbc-essiv:sha256 \
$HASH 0 /dev/loop0 0 | dmsetup create hidden

Unmount:
Code:
dmsetup remove hidden && losetup -d /dev/loop0

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!