-
http://blog.dustinkirkland.com/2010/06/ecryptfs-backup-strategy.html
One strategy to backup encrypted ecryptfs data as suggested by the author of ecryptfs. Useful and simple. Backup the metadata and the raw files with rsync.
-
http://blog.dustinkirkland.com/2011/04/introducing-ecryptfs-recover-private.html
A critical utility for ecryptfs called ecryptfs-recover-private which automates and simplifies the process of recovering encrypted home directory data from Ubuntu.
-
http://blog.rootshell.be/2009/03/27/yubikey-authentication-on-linux/
Article explaining how to use yubipam to enable yubikey authentication on a linux machine. However, yubipam only supports single factor auth, username + token, no additional password.
-
http://learninginlinux.wordpress.com/2008/04/23/installing-ubuntu-804-with-full-disk-encryption/
Walkthrough on setting up Ubuntu Hardy Heron with full disk encryption. Very handy. :)
-
http://pajhome.org.uk/crypt/md5/
A javascript implementation of md5. Very handy.
-
http://pastebin.com/yPyK193a
A different strategy to find an encrypted filename from an unencrypted filename under ecryptfs (Ubunut's encrypted home directory system).
-
http://random.irb.hr/
A random number generation web service that uses the intrinsic randomness of the quantum physical process of photonic emission in semiconductors and subsequent detection by photoelectric effect. Very cool. Available as a web service.
-
http://safe-mail.net/
Encrypted, paranoid friendly email service. 3mb free, 75MiB accounts from $25/year. Not particularly cheap and very Web 1.0.
-
http://tombuntu.com/index.php/2007/12/12/simple-file-encryption-with-openssl/
Handy howto on encrypting files with openssl and a passphrase. Dead easy, `openssl aes-256-cbc -salt -in file -out file` then `openssl aes-256-cbc -d in file out file`. Can also be used in pipes like `tar cp /blah | openssl aes-256-cbc -salt -out b.tar``
-
http://tredosoft.com/truecrypt_fedora_7
-
http://ubuntu-tutorials.com/2007/08/17/7-steps-to-an-encrypted-partition-local-or-removable-disk/
A tutorial on setting up encrypted partitions in Ubuntu Gutsy Gibbon (7.10). Goes into some detail as to what each command does. Useful.
-
http://ubuntuforums.org/showthread.php?t=852216
How to restore encrypted partitions on the ubuntu forums. Could be useful if needing to restore from a backup of an encrypted disk.
-
http://users.piuha.net/martti/comp/ubuntu/en/cryptolvm.html
A detailed how-to, including screenshots, on setting up an encrypted LVM in Ubuntu. This approach creates one single encrypted LVM and then multiple partitions within it (as well as an unencrypted boot partition). Easy to follow, useful reading.
-
http://westhoffswelt.de/blog/0046_from_revelation_security_to_android_password_managers.html?_=1344537066
Useful article about exporting data from revelation into a CSV ready for import into secrets, an Android password manager. Useful PHP script Revtrans which can decrypt and read the native revelation file format. Very handy.
-
http://www.cypherpunks.ca/otr/
OTR is an encryption layer for Instant Messaging which provides encryption, authentication, deniability and forward secrecy.
-
http://www.fsckin.com/2008/01/15/howto-setup-and-benchmark-encrypted-partitions-in-ubuntu/
An article on how to create an encrypted volume and then four ways to benchmark encrypted disk performance. Summary, the author estimates a 10% performance cost on a 3.2GHz system, 4Gb memory, no swap.
-
http://www.howtoforge.com/how-to-set-up-mysql-database-replication-with-ssl-encryption-on-centos-5.4
Good introduction on setting up mysql replication with SSL encryption. Some of the options have changed in mysql 5.5 (no moremaster-connect-retry) and some settings are not applicable to Ubuntu, but the gist of it is useful.
-
http://www.savvyadmin.com/secure-remote-file-storage-with-ssh-and-dm-crypt/
Article explaining how to mount an encrypted container on a remote system. The remote file container is mounted over sshfs then locally mounted via dm-crypt. This has some major challenges, the approach is interesting albeit not particularly practical.
-
http://www.startssl.com/
Free SSL certificates which are accepted by most modern browsers. Very cool.
-
http://www.tarsnap.com/
Encrypted backups which don't require you to trust the backup provider, although the code is open source but not free (as in freedom) and so there is only one possible provider...
-
http://www.telmon.org/?p=631
Interesting article including a script that figures out a mapping from unencrypted filenames into ecryptfs encrypted filenames. Potentially useful.
-
http://www.truecrypt.org/
TrueCrypt is a cross platform disk encryption package. You can create steganographic, hidden volumes which are completely deniable.
-
https://discussions.apple.com/thread/3508926?start=0&tstart=0
Apparently one can secure a mac by issuing the command `sudo pmset -a destroyfvkeyonstandby 1` which tells it to destroy the FileVault keys on standby, whether standby to memory or disk.
-
https://github.com/firnsy/yubipam/#readme
PAM module that allows offline authentication against a yubikey. Requires a key to be retrieved from yubico by sending email plus payment info, etc. Less secure than online validation. Only supports single factor auth, username + token, no password.
-
https://github.com/tfheen/ykfde#readme
Script to enable a yubikey to be used with luks full disk encryption. Very interesting...
