DSL Ideas and Suggestions :: Improving security of encrypted backup/restore
The backup/restore process is one of dsl's most useful features. Robert's work on dsl is awe inspiring. That said, here are some ideas::
Currently in dsl-1.5 using "protect", the backup/restore script filetool.sh temporarily writes backup.tar.gz to the backup device in plaintext before encrypting and after decrypting. This means an attacker gaining control of the backup device might recover all or part of the unencrypted tarball using appropriate tools.
Also, if an incorrect password is entered twice at the prompts during boot time, decryption fails but the incorrect password nevertheless remains stored in /etc/sysconfig/des. On subsequently backing up, or just rebooting with the default powerdown.sh, the non-restored system gets backed up and encrypted with the incorrect password, replacing the needed backup.des.
I've hacked the scripts slightly to try fixes for these issues. Named pipes are used to communicate between des and tar, thus avoiding writing plaintext temp files to the backup medium, and /etc/sysconfig/des gets deleted if decryption fails.
You can test these, strictly AYOR. For convenience I packaged the altered scripts as an extension - note this must be put on your mydsl drive and autoloaded *during* boot (NOT after). Download (r click, "save as") here
md5sum is c83ce8296f5812dc78b04cf701e5912c (check it).
These are unofficial experiments, don't use to backup/restore critical data. Behavior differs from that of the standard scripts. Make copies of your backup tarballs beforehand.
While I have little interest in the subject at hand, it's nice to see people with the knowledge and desire to hack up DSL. Please feel free to share more ideas in the future =o)
Thanks for the kind words, WDef. Sometimes it seems like thanks or kind words are few and far between. Sometimes, because I don't post often, not in irc much, many may not even know of my efforts. I do code everything in script, be it bash, lua, or luafltk so that others like yourself can easily read them. I thank you for taking the interest and time to do such and even more so for sharing your thoughts and improvements. Look for your named pipes for enhanced security to be included in the next release.
Robert
Don't worry, we all love you Robert 
WDef, I am really impressed I had no idea how that all worked, thanks for sharing.
Robert, I think we all have alot of respect for you, we probably just dont express our thanks as much as we should.
Next Page...
original here.