Security : Encrypt CD/DVDs

This guide can be adapted to all linux ditro, its not one specific.

Installing necessary tools

kartook@Nilas:~$sudo apt-get install aespipe mkisofs loop-aes-utils

Chose a password
You need to chose a 20+ character password and DO NOT FORGET IT, you will NEVER get your data back if you forget the password.

Note : Use KeePass

Creating the CD/DVD image
Make a directory called backup then copy the files you want to burn into the backup directory.
We are using AES encryption, you can chose from 128 or 256 bit key lengths, I recommend 256.

kartook@Nilas:~$mkisofs -r backup | aespipe -e aes256 > backup.iso

or for 128 bit key length

kartook@Nilas:~$mkisofs -r backup | aespipe -e aes128 > backup.iso

Mounting the image
First we need to load some modules

kartook@Nilas:~$sudo modprobe aes
kartook@Nilas:~$sudo modprobe cryptoloop

For 128 bit key lengths:

kartook@Nilas:~$sudo mount -t iso9660 backup.iso /mnt/iso -o loop=/dev/loop0,encryption=aes128

For 256 bit key lengths:

kartook@Nilas:~$sudo mount -t iso9660 backup.iso /mnt/iso -o loop=/dev/loop0,encryption=aes256

This will mount the image in /mnt/iso (make sure you have the directory before you try to mount)

Burning
You can burn the image with your k3b, you might get some warnings about the image but you can ignore them.

Mounting the new CD/DVD
First make sure you loaded the aes and cryptoloop modules

kartook@Nilas:~$sudo modprobe aes
kartook@Nilas:~$sudo modprobe cryptoloop

kartook@Nilas:~$sudo mount -t iso9660 /dev/cdrom /mnt/iso -o loop=/dev/loop0,encryption=aes256

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.