Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentes Révision précédente Prochaine révision | Révision précédente Prochaine révision Les deux révisions suivantes | ||
doc:veille:chiffrement [2007/03/16 11:17] lehobey |
doc:veille:chiffrement [2009/02/27 00:54] lehobey |
||
---|---|---|---|
Ligne 2: | Ligne 2: | ||
===== Thèmes ===== | ===== Thèmes ===== | ||
- | * [[GPG]] | + | * [[GnuTLS]] |
+ | * [[GPG]] et [[doc:ma clef GPG]] | ||
* [[Droit de chiffrer]] | * [[Droit de chiffrer]] | ||
+ | * [[openssl]] | ||
* [[ssh]] | * [[ssh]] | ||
* [[sshfs]] | * [[sshfs]] | ||
Ligne 9: | Ligne 11: | ||
* http://www.df7cb.de/blog/2007/03/01#2007-03-01-openpgp-dns | * http://www.df7cb.de/blog/2007/03/01#2007-03-01-openpgp-dns | ||
* http://blog.zugschlus.de/archives/523-EasyRSA-on-Debian-for-an-OpenVPN-CA.html | * http://blog.zugschlus.de/archives/523-EasyRSA-on-Debian-for-an-OpenVPN-CA.html | ||
+ | |||
+ | * Très intéressant : http://www.hermann-uwe.de/blog/towards-a-moderately-paranoid-debian-laptop-setup--part-1-base-system | ||
===== De partitions ===== | ===== De partitions ===== | ||
+ | * http://madduck.net/docs/cryptdisk/ | ||
* À la Ubuntu : https://wiki.ubuntu.com/EncryptedFilesystemHowto | * À la Ubuntu : https://wiki.ubuntu.com/EncryptedFilesystemHowto | ||
- | * http://www.hermann-uwe.de/blog/howto-disk-encryption-with-dm-crypt-luks-and-debian | + | * http://feeding.cloud.geek.nz/2008/05/encrypting-your-home-directory-using.html |
+ | * http://feeds.feedburner.com/~r/UbuntuTutorials/~3/145370028/ | ||
+ | * http://www.cs278.org/blog/ubuntu-configuration/feisty-debootstrap-encrypted-install/ | ||
* http://en.wikipedia.org/wiki/Disk_encryption_software | * http://en.wikipedia.org/wiki/Disk_encryption_software | ||
* Dm-crypt : | * Dm-crypt : | ||
Ligne 18: | Ligne 25: | ||
* http://glenux2.free.fr/index.php?2006/03/26/5-balader-des-partitions-chiffrees | * http://glenux2.free.fr/index.php?2006/03/26/5-balader-des-partitions-chiffrees | ||
* Il n'y a pas plus d'inconvénient : http://blog.madduck.net/geek/2006.08.12-cipher-blocks-and-physical-blocks | * Il n'y a pas plus d'inconvénient : http://blog.madduck.net/geek/2006.08.12-cipher-blocks-and-physical-blocks | ||
- | * LUKS : http://blog.dlgeek.net/?p=84 | ||
* Question (peu de réponses) : http://linuxfr.org/forums/41/20185.html | * Question (peu de réponses) : http://linuxfr.org/forums/41/20185.html | ||
* http://blog.incase.de/index.php/2007/02/20/dual-boot-and-full-encryption-part-2/ | * http://blog.incase.de/index.php/2007/02/20/dual-boot-and-full-encryption-part-2/ | ||
+ | * http://www.student.tue.nl/Q/j.f.berndsen/debian/ | ||
+ | |||
+ | * Réflexions : http://feeding.cloud.geek.nz/2008/04/two-tier-encryption-strategy-archiving.html | ||
+ | * Attaques : http://www.hermann-uwe.de/blog/lest-we-remember--cold-boot-attacks-on-encryption-keys | ||
+ | |||
+ | |||
+ | ==== LUKS ==== | ||
+ | * http://mixinet.net/~sto/blog/sysadmin/20090226_macbook_cryptsetup_take_3/ | ||
+ | |||
+ | * http://www.hermann-uwe.de/blog/howto-disk-encryption-with-dm-crypt-luks-and-debian | ||
+ | * LUKS : http://blog.dlgeek.net/?p=84 | ||
+ | * http://web.glandium.org/blog/?p=139 | ||
+ | * https://help.ubuntu.com/community/EncryptedFilesystem | ||
+ | * http://johnleach.co.uk/words/archives/2006/12/06/245/ | ||
+ | * retailler : http://www.enricozini.org/2008/tips/resize-luks.html | ||
+ | * Et ssh : http://ubuntuforums.org/showthread.php?t=829768 | ||
+ | * Amovibles : http://www.fabianrodriguez.com/blog/2009/01/21/easy-removable-storage-encryption-that-works-with-hardy-and-intrepid/ | ||
==== Comparaison ==== | ==== Comparaison ==== | ||
* http://www.corsac.net/?rub=blog&post=1327 | * http://www.corsac.net/?rub=blog&post=1327 | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | ==== Démarrage ==== | ||
+ | === grub === | ||
+ | * http://blog.sietch-tabr.com/index.php/post/2007/09/28/reinstallation-de-GRUB-sur-le-MBR-avec-un-systeme-sur-un-LVM-chiffre | ||
+ | |||
+ | === clef === | ||
+ | * http://www.matthew.ath.cx/articles/cryptkey | ||
+ | * Système sur clef : http://www.debian-administration.org/articles/179 | ||
+ | |||
+ | ==== Liens (pour orthosie) ==== | ||
+ | * http://www.debianhelp.org/node/6835 | ||
+ | * http://sicherheitsschwankung.de/post/jan/2005-12-13/migrating-dm-crypt-lvm-root-debian | ||
+ | * http://wiki.debian.org/DebianInstaller/FAQ#head-c7d5c839c7985d0705132cd8d8b607fd6a067f53 | ||
+ | * http://changelog.complete.org/posts/541-Disk-encryption-support-in-Etch.html | ||
+ | * http://www.debian-administration.org/articles/428 | ||
+ | * http://www.saout.de/tikiwiki/tiki-index.php | ||
+ | * http://www.saout.de/tikiwiki/tiki-index.php?page=HOWTO | ||
+ | |||
+ | ==== Partition d'échange ===== | ||
+ | * http://feeding.cloud.geek.nz/2008/03/encrypted-swap-partition-on.html | ||
===== eCryptfs ===== | ===== eCryptfs ===== | ||
* http://lwn.net/Articles/156921/ | * http://lwn.net/Articles/156921/ | ||
+ | * Répertoires privés : http://dustinkirkland.wordpress.com/2008/10/03/whats-in-my-encrypted-private-directory/ | ||
===== Encfs ===== | ===== Encfs ===== | ||
* http://hollowtube.mine.nu/wiki/index.php/PAM/PamEncfs | * http://hollowtube.mine.nu/wiki/index.php/PAM/PamEncfs | ||
+ | * Mode graphique : http://www.aigarius.com/blog/2008/02/02/using-fuse-encfs-in-a-graphical-way/ | ||
+ | |||
+ | |||
===== Clefs sur clef ====== | ===== Clefs sur clef ====== | ||
+ | * http://www.linux.codehelp.co.uk/serendipity/index.php?/archives/131-Adapting-autofs-for-GPG-keys-to-an-SD-card.html | ||
* http://www.mattb.net.nz/blog/2006/04/13/loading-gpg-ssh-keys-from-a-usb-key-round-2/ | * http://www.mattb.net.nz/blog/2006/04/13/loading-gpg-ssh-keys-from-a-usb-key-round-2/ | ||
* http://www.mattb.net.nz/debian/misc/manage-keys | * http://www.mattb.net.nz/debian/misc/manage-keys | ||
+ | * https://help.ubuntu.com/community/GPGKeyOnUSBDrive | ||
+ | * http://www.einval.com/~steve/docs/gpg-autofs.html | ||
+ | * http://artisan.karma-lab.net/node/1164 | ||
+ | * http://www.matthew.ath.cx/articles/cryptkey | ||
===== Courbes elliptiques ======= | ===== Courbes elliptiques ======= | ||
Ligne 64: | Ligne 119: | ||
===== HDDVD ===== | ===== HDDVD ===== | ||
* http://forum.doom9.org/showpost.php?p=924730&postcount=244 | * http://forum.doom9.org/showpost.php?p=924730&postcount=244 | ||
+ | * Clefs : | ||
+ | * http://sam.zoy.org/blog/2007-05-03-obligatory-r | ||
+ | * http://09f911029d74e35bd84156c5635688c0.eu/ | ||
+ | * http://blog.halon.org.uk/2007/05/04#hd-dvd-key-button | ||
===== DVD non chiffrés ===== | ===== DVD non chiffrés ===== | ||
Ligne 70: | Ligne 129: | ||
===== Clefs et courriels ===== | ===== Clefs et courriels ===== | ||
* http://www.df7cb.de/blog/2007/03/01#2007-03-01-openpgp-dns | * http://www.df7cb.de/blog/2007/03/01#2007-03-01-openpgp-dns | ||
+ | |||
+ | ===== Pour la monnaie ? ===== | ||
+ | * http://kitenet.net/~joey/blog/entry/re:_online_shopping/ | ||
+ | |||
+ | ===== Sans-fil ===== | ||
+ | * http://www.schneier.com/blog/archives/2008/01/my_open_wireles.html | ||
====== Astuces ====== | ====== Astuces ====== | ||
Ligne 75: | Ligne 140: | ||
* Des SMS : http://www.hermann-uwe.de/blog/encrypted-sms-solutions | * Des SMS : http://www.hermann-uwe.de/blog/encrypted-sms-solutions | ||
+ | |||
+ | ===== (Hum) Rot-13 ===== | ||
+ | * http://www.sesame-ouvre-toi.net/caverne/rot13.html |