Security : Encrypt CD/DVDs

This guide can be adapted to all linux ditro, its not one specific.

Installing necessary tools

[email protected]:~$sudo apt-get install aespipe mkisofs loop-aes-utils

Chose a password
You need to chose a 20+ character password and DO NOT FORGET IT, you will NEVER get your data back if you forget the password.

Note : Use KeePass

Creating the CD/DVD image
Make a directory called backup then copy the files you want to burn into the backup directory.
We are using AES encryption, you can chose from 128 or 256 bit key lengths, I recommend 256.

[email protected]:~$mkisofs -r backup | aespipe -e aes256 > backup.iso

or for 128 bit key length

[email protected]:~$mkisofs -r backup | aespipe -e aes128 > backup.iso

Mounting the image
First we need to load some modules

[email protected]:~$sudo modprobe aes
[email protected]:~$sudo modprobe cryptoloop

For 128 bit key lengths:

[email protected]:~$sudo mount -t iso9660 backup.iso /mnt/iso -o loop=/dev/loop0,encryption=aes128

For 256 bit key lengths:

[email protected]:~$sudo mount -t iso9660 backup.iso /mnt/iso -o loop=/dev/loop0,encryption=aes256

This will mount the image in /mnt/iso (make sure you have the directory before you try to mount)

You can burn the image with your k3b, you might get some warnings about the image but you can ignore them.

Mounting the new CD/DVD
First make sure you loaded the aes and cryptoloop modules

[email protected]:~$sudo modprobe aes
[email protected]:~$sudo modprobe cryptoloop

[email protected]:~$sudo mount -t iso9660 /dev/cdrom /mnt/iso -o loop=/dev/loop0,encryption=aes256

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.