Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentes Révision précédente | |||
doc:veille:chiffrement [2015/10/11 19:45] fdl Déplacée vers veille:chiffrement. |
— (Version actuelle) | ||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
- | ====== Chiffrement ====== | ||
- | |||
- | ===== Thèmes ===== | ||
- | * [[GnuTLS]] | ||
- | * [[GPG]] et [[doc:ma clef GPG]] | ||
- | * [[Droit de chiffrer]] | ||
- | * [[openssl]] | ||
- | * [[sha-1]] | ||
- | * [[ssh]] | ||
- | * [[sshfs]] | ||
- | |||
- | * http://www.df7cb.de/blog/2007/03/01#2007-03-01-openpgp-dns | ||
- | * http://blog.zugschlus.de/archives/523-EasyRSA-on-Debian-for-an-OpenVPN-CA.html | ||
- | |||
- | * Très intéressant : http://www.hermann-uwe.de/blog/towards-a-moderately-paranoid-debian-laptop-setup--part-1-base-system | ||
- | |||
- | ===== De partitions ===== | ||
- | * http://madduck.net/docs/cryptdisk/ | ||
- | * À la Ubuntu : https://wiki.ubuntu.com/EncryptedFilesystemHowto | ||
- | * http://feeding.cloud.geek.nz/2008/05/encrypting-your-home-directory-using.html | ||
- | * http://feeds.feedburner.com/~r/UbuntuTutorials/~3/145370028/ | ||
- | * http://www.cs278.org/blog/ubuntu-configuration/feisty-debootstrap-encrypted-install/ | ||
- | * http://en.wikipedia.org/wiki/Disk_encryption_software | ||
- | * Dm-crypt : | ||
- | * http://ftp.traduc.org/doc-vf/gazette-linux/html/2005/114/lg114-E.html | ||
- | * http://glenux2.free.fr/index.php?2006/03/26/5-balader-des-partitions-chiffrees | ||
- | * Il n'y a pas plus d'inconvénient : http://blog.madduck.net/geek/2006.08.12-cipher-blocks-and-physical-blocks | ||
- | |||
- | * Question (peu de réponses) : http://linuxfr.org/forums/41/20185.html | ||
- | |||
- | * http://blog.incase.de/index.php/2007/02/20/dual-boot-and-full-encryption-part-2/ | ||
- | * http://www.student.tue.nl/Q/j.f.berndsen/debian/ | ||
- | |||
- | * Réflexions : http://feeding.cloud.geek.nz/2008/04/two-tier-encryption-strategy-archiving.html | ||
- | * Attaques : http://www.hermann-uwe.de/blog/lest-we-remember--cold-boot-attacks-on-encryption-keys | ||
- | |||
- | |||
- | ==== LUKS ==== | ||
- | * http://mixinet.net/~sto/blog/sysadmin/20090226_macbook_cryptsetup_take_3/ | ||
- | |||
- | * http://www.hermann-uwe.de/blog/howto-disk-encryption-with-dm-crypt-luks-and-debian | ||
- | * LUKS : http://blog.dlgeek.net/?p=84 | ||
- | * http://web.glandium.org/blog/?p=139 | ||
- | * https://help.ubuntu.com/community/EncryptedFilesystem | ||
- | * http://johnleach.co.uk/words/archives/2006/12/06/245/ | ||
- | * retailler : http://www.enricozini.org/2008/tips/resize-luks.html | ||
- | * Et ssh : http://ubuntuforums.org/showthread.php?t=829768 | ||
- | * Amovibles : http://www.fabianrodriguez.com/blog/2009/01/21/easy-removable-storage-encryption-that-works-with-hardy-and-intrepid/ | ||
- | |||
- | ==== Comparaison ==== | ||
- | * http://www.corsac.net/?rub=blog&post=1327 | ||
- | |||
- | |||
- | |||
- | |||
- | ==== Démarrage ==== | ||
- | === grub === | ||
- | * http://blog.sietch-tabr.com/index.php/post/2007/09/28/reinstallation-de-GRUB-sur-le-MBR-avec-un-systeme-sur-un-LVM-chiffre | ||
- | |||
- | === clef === | ||
- | * http://www.matthew.ath.cx/articles/cryptkey | ||
- | * Système sur clef : http://www.debian-administration.org/articles/179 | ||
- | |||
- | ==== Liens (pour orthosie) ==== | ||
- | * http://www.debianhelp.org/node/6835 | ||
- | * http://sicherheitsschwankung.de/post/jan/2005-12-13/migrating-dm-crypt-lvm-root-debian | ||
- | * http://wiki.debian.org/DebianInstaller/FAQ#head-c7d5c839c7985d0705132cd8d8b607fd6a067f53 | ||
- | * http://changelog.complete.org/posts/541-Disk-encryption-support-in-Etch.html | ||
- | * http://www.debian-administration.org/articles/428 | ||
- | * http://www.saout.de/tikiwiki/tiki-index.php | ||
- | * http://www.saout.de/tikiwiki/tiki-index.php?page=HOWTO | ||
- | |||
- | ==== Partition d'échange ===== | ||
- | * http://feeding.cloud.geek.nz/2008/03/encrypted-swap-partition-on.html | ||
- | |||
- | ===== eCryptfs ===== | ||
- | * http://lwn.net/Articles/156921/ | ||
- | * Répertoires privés : http://dustinkirkland.wordpress.com/2008/10/03/whats-in-my-encrypted-private-directory/ | ||
- | |||
- | ===== Encfs ===== | ||
- | * http://hollowtube.mine.nu/wiki/index.php/PAM/PamEncfs | ||
- | * Mode graphique : http://www.aigarius.com/blog/2008/02/02/using-fuse-encfs-in-a-graphical-way/ | ||
- | |||
- | |||
- | |||
- | ===== Clefs sur clef ====== | ||
- | * http://www.linux.codehelp.co.uk/serendipity/index.php?/archives/131-Adapting-autofs-for-GPG-keys-to-an-SD-card.html | ||
- | * http://www.mattb.net.nz/blog/2006/04/13/loading-gpg-ssh-keys-from-a-usb-key-round-2/ | ||
- | * http://www.mattb.net.nz/debian/misc/manage-keys | ||
- | * https://help.ubuntu.com/community/GPGKeyOnUSBDrive | ||
- | * http://www.einval.com/~steve/docs/gpg-autofs.html | ||
- | * http://artisan.karma-lab.net/node/1164 | ||
- | * http://www.matthew.ath.cx/articles/cryptkey | ||
- | |||
- | ===== Courbes elliptiques ======= | ||
- | * SKS : http://pagina.de/sks | ||
- | * http://packages.debian.org/unstable/utils/sks-ecc | ||
- | * http://packages.debian.org/unstable/utils/seccure | ||
- | |||
- | ===== Bibliothèques ===== | ||
- | * http://directory.fsf.org/libgcrypt.html | ||
- | ===== Mauvaises pratiques ===== | ||
- | * http://www.advogato.org/person/vorlon/diary.html?start=16 | ||
- | * WEP : http://linuxfr.org/2006/08/16/21198.html | ||
- | |||
- | |||
- | ==== TLS 1.0 est pourri ==== | ||
- | * http://www.bortzmeyer.org/beast-tls.html | ||
- | |||
- | ===== Recherche en crypto ===== | ||
- | * http://linuxfr.org/2006/11/20/21654.html | ||
- | |||
- | ===== Traçage https ===== | ||
- | * http://packages.debian.org/unstable/net/spikeproxy | ||
- | |||
- | ===== Cryptonit ===== | ||
- | * http://linuxfr.org/2006/12/19/21786.html | ||
- | |||
- | ===== Performances ===== | ||
- | * http://etbe.blogspot.com/2006/12/encryption-speed-debian-vs-fedora.html | ||
- | |||
- | ===== HDDVD ===== | ||
- | * http://forum.doom9.org/showpost.php?p=924730&postcount=244 | ||
- | * Clefs : | ||
- | * http://sam.zoy.org/blog/2007-05-03-obligatory-r | ||
- | * http://09f911029d74e35bd84156c5635688c0.eu/ | ||
- | * http://blog.halon.org.uk/2007/05/04#hd-dvd-key-button | ||
- | |||
- | ===== DVD non chiffrés ===== | ||
- | * http://www.videolan.org/removed/freedvd.html | ||
- | |||
- | ===== Clefs et courriels ===== | ||
- | * http://www.df7cb.de/blog/2007/03/01#2007-03-01-openpgp-dns | ||
- | |||
- | ===== Pour la monnaie ? ===== | ||
- | * http://kitenet.net/~joey/blog/entry/re:_online_shopping/ | ||
- | |||
- | ===== Sans-fil ===== | ||
- | * http://www.schneier.com/blog/archives/2008/01/my_open_wireles.html | ||
- | |||
- | ====== Astuces ====== | ||
- | * Pour ssh dans konqueror : ''fish://'' selon http://business.newsforge.com/business/06/03/09/2238246.shtml?tid=37 | ||
- | |||
- | * Des SMS : http://www.hermann-uwe.de/blog/encrypted-sms-solutions | ||
- | |||
- | ===== (Hum) Rot-13 ===== | ||
- | * http://www.sesame-ouvre-toi.net/caverne/rot13.html |