09-29-2012
How about an encrypted file system? You need a password to work on the files.
This is a far more sensible approach. We had this long ago at Los Alamos National Labs (NM, USA) where security followed Orange book B requirements. That is FAR more stringent than anything you can afford to implement.
What you are doing is probably ill-conceived, and motivations are good, but Don Cragun was too polite to say that.
consider this free toolkit for Linux, other OS software exists, too:
Filesystem Encryption Tools for Linux
The probability of you getting this requirement to work is low, and getting it to work flawlessly is very low, IMO. It has to be done at a very low level (kernel mode or in filesystem drivers), not with shell scripts. The probability is high that you will irreversibly damage files. And if accidentally you do that to system files, you lose the whole system. If you do proceed with your shell script approach, be very scrupulous about backing up files, because you will definitely have problems.
Just my opinion, trying to prevent big problems for you. Not trying to squash innovation.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello guys !
I have used "crypt <first> second" command to encrypt "first" to "second" file. i have assign a key for that of course.
Now when i try to look content of "seocnd" file through "cat second" command, the file is encrypted and cannot be read which is according to plan.
But when... (3 Replies)
Discussion started by: abidmalik
3 Replies
2. Programming
Dear all,
If anyone has some ideas for me how to tackle the following situation:
Imagine a type of client-server application. The client application is started by a human operator with all the necessary LDAP/Kerberos in place. The server application is started automatically as a daemon process.... (2 Replies)
Discussion started by: domivv
2 Replies
3. Solaris
Hi
Someone is going to send me a file that they have encrypted by PGP encryption on windows pc to my solaris 9 server.
They will give me the pgp key to decrypt the file.
How can I do this on solaris 9
Is there a tool installed by default to decrypt or do I need to install something to... (0 Replies)
Discussion started by: frustrated1
0 Replies
4. Solaris
hi,
is there any library functions available in sun solaries for encryption and decryption functions.
regards
suresh (1 Reply)
Discussion started by: suresh_rtp
1 Replies
5. UNIX for Dummies Questions & Answers
Dear Members,
Can we find if a particular file is encrypted or decrypted.
I need a command by which i should be able to identify if a file is encrypted or decrypted.
How can we do this? (1 Reply)
Discussion started by: sandeep_1105
1 Replies
6. Shell Programming and Scripting
How can view log messages between two time frame from /var/log/message or any type of log files.
when logfiles are very big and especially many messages with in few minutes, I would like to display log messages between 5 minute interval.
Could you pls give me the command? (1 Reply)
Discussion started by: johnveslin
1 Replies
7. Shell Programming and Scripting
Hello All,
There are so many questions on this and I didn't find any concluded answer.
I want to encrypt a string in the script, actually this is a password. I tried using openssl (I am a newbie to openssl), but it is generating a long one which we can't remember.
I want to encrypt the... (5 Replies)
Discussion started by: karumudi7
5 Replies
8. Ubuntu
we are to develope a project on linux whose aim is to automatically encrypt files after logoff and to decrypt them using password after log in
this is to be made by chging source code of linux ...........
can any one help me on this???? (1 Reply)
Discussion started by: vyom
1 Replies
9. Shell Programming and Scripting
Redirecting log files to null writing junk into log files.
i have log files which created from below command
exec <processname> >$logfile
but when it reaches some size i am redirecting to null while process is running like
>$logfile
manually but after that it writes some junk into... (7 Replies)
Discussion started by: greenworld123
7 Replies
10. Shell Programming and Scripting
Hi Friends,
There are some 7 years script in out linux server. I am trying to understand them since Linux Server changed(A).
Below line in one of the encrypting script. Here scenario is encrypting bank files in our (A) server and doing Secure Copy to Server (B).
GPG -v --batch --yes --armor... (1 Reply)
Discussion started by: johnsnow
1 Replies
LEARN ABOUT REDHAT
fsck.minix
FSCK.MINIX(8) System Administration FSCK.MINIX(8)
NAME
fsck.minix - check consistency of Minix filesystem
SYNOPSIS
fsck.minix [options] device
DESCRIPTION
fsck.minix performs a consistency check for the Linux MINIX filesystem.
The program assumes the filesystem is quiescent. fsck.minix should not be used on a mounted device unless you can be sure nobody is writ-
ing to it. Remember that the kernel can write to device when it searches for files.
The device name will usually have the following form:
/dev/hda[1-63] IDE disk 1
/dev/hdb[1-63] IDE disk 2
/dev/sda[1-15] SCSI disk 1
/dev/sdb[1-15] SCSI disk 2
If the filesystem was changed, i.e., repaired, then fsck.minix will print "FILE SYSTEM HAS CHANGED" and will sync(2) three times before
exiting. There is no need to reboot after check.
WARNING
fsck.minix should not be used on a mounted filesystem. Using fsck.minix on a mounted filesystem is very dangerous, due to the possibility
that deleted files are still in use, and can seriously damage a perfectly good filesystem! If you absolutely have to run fsck.minix on a
mounted filesystem, such as the root filesystem, make sure nothing is writing to the disk, and that no files are "zombies" waiting for
deletion.
OPTIONS
-l, --list
List all filenames.
-r, --repair
Perform interactive repairs.
-a, --auto
Perform automatic repairs. This option implies --repair and serves to answer all of the questions asked with the default. Note
that this can be extremely dangerous in the case of extensive filesystem damage.
-v, --verbose
Be verbose.
-s, --super
Output super-block information.
-m, --uncleared
Activate MINIX-like "mode not cleared" warnings.
-f, --force
Force a filesystem check even if the filesystem was marked as valid. Marking is done by the kernel when the filesystem is
unmounted.
-V, --version
Display version information and exit.
-h, --help
Display help text and exit.
DIAGNOSTICS
There are numerous diagnostic messages. The ones mentioned here are the most commonly seen in normal usage.
If the device does not exist, fsck.minix will print "unable to read super block". If the device exists, but is not a MINIX filesystem,
fsck.minix will print "bad magic number in super-block".
EXIT CODES
The exit code returned by fsck.minix is the sum of the following:
0 No errors
3 Filesystem errors corrected, system should be rebooted if filesystem was mounted
4 Filesystem errors left uncorrected
7 Combination of exit codes 3 and 4
8 Operational error
16 Usage or syntax error
AUTHORS
Linus Torvalds <torvalds@cs.helsinki.fi>
Error code values by Rik Faith <faith@cs.unc.edu>
Added support for filesystem valid flag: Dr. Wettstein <greg%wind.uucp@plains.nodak.edu>.
Check to prevent fsck of mounted filesystem added by Daniel Quinlan <quinlan@yggdrasil.com>.
Minix v2 fs support by Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>, updated by Nicolai Langfeldt <janl@math.uio.no>.
Portability patch by Russell King <rmk@ecs.soton.ac.uk>.
SEE ALSO
fsck(8), fsck.ext2(8), mkfs(8), mkfs.ext2(8), mkfs.minix(8), reboot(8)
AVAILABILITY
The fsck.minix command is part of the util-linux package and is available from Linux Kernel Archive <https://www.kernel.org/pub/linux/utils
/util-linux/>.
util-linux June 2015 FSCK.MINIX(8)