Scribd Logo
Upload

Welcome to Scribd!

  • LAB5

    Uploaded by

    minhtdsa170195
    1 views5 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    1 views5 pages

    LAB5

    Uploaded by

    minhtdsa170195

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 5

    # Lab 5: Hardening Security for Linux Services and Applications

    ## Overview

    This lab focuses on various methods to enhance the security of Linux services and applications
    through encryption. The exercises cover GPG key creation, file encryption, signing, and using tools
    like eCryptfs and VeraCrypt.

    ### 5.1 - Creating Your GPG Keys

    #### Steps:

    1. **Install GPG**:

    ```sh

    sudo apt-get install gnupg

    ```

    2. **Generate GPG Key**:

    ```sh

    gpg --gen-key

    ```

    - Follow the prompts to enter your name, email, and passphrase.

    3. **List Your Keys**:

    ```sh

    gpg --list-keys

    ```

    ### 5.2 - Symmetrically Encrypting Your Own Files

    #### Steps:

    1. **Encrypt a File**:

    ```sh

    gpg --symmetric --cipher-algo AES256 <filename>

    ```

    - Enter a passphrase when prompted.


    2. **Decrypt the File**:

    ```sh

    gpg --decrypt <filename>.gpg > <output_filename>

    ```

    ### 5.3 - Encrypting Files with Public Keys

    #### Steps:

    1. **Export Public Key**:

    ```sh

    gpg --armor --export <email> > public_key.asc

    ```

    2. **Import Public Key**:

    ```sh

    gpg --import public_key.asc

    ```

    3. **Encrypt File**:

    ```sh

    gpg --encrypt --recipient <email> <filename>

    ```

    4. **Decrypt File**:

    ```sh

    gpg --decrypt <filename>.gpg > <output_filename>

    ```

    ### 5.4 - Signing a File without Encryption

    #### Steps:

    1. **Sign a File**:

    ```sh

    gpg --clearsign <filename>


    ```

    2. **Verify a Signed File**:

    ```sh

    gpg --verify <filename>.asc

    ```

    ### 5.7 - Encrypting a Home Directory for a New User Account

    #### Steps:

    1. **Install eCryptfs**:

    ```sh

    sudo apt-get install ecryptfs-utils

    ```

    2. **Create a New User with Encrypted Home Directory**:

    ```sh

    sudo adduser --encrypt-home <username>

    ```

    3. **Log In as the New User**:

    ```sh

    su - <username>

    ```

    ### 5.8 - Encrypting Other Directories with eCryptfs

    #### Steps:

    1. **Mount Encrypted Directory**:

    ```sh

    sudo mount -t ecryptfs <source_dir> <target_dir>

    ```

    2. **Follow the Prompts** to enter passphrase and encryption options.


    ### 5.9 - Getting and Installing VeraCrypt

    #### Steps:

    1. **Download VeraCrypt** from the official website:

    ```sh

    wget https://www.veracrypt.fr/download/Veracrypt-1.24-Update7-Ubuntu-20.04-amd64.deb

    ```

    2. **Install VeraCrypt**:

    ```sh

    sudo dpkg -i Veracrypt-1.24-Update7-Ubuntu-20.04-amd64.deb

    ```

    3. **Fix Any Dependencies**:

    ```sh

    sudo apt-get install -f

    ```

    ### 5.10 - Creating and Mounting a VeraCrypt Volume in Console Mode

    #### Steps:

    1. **Create a New Volume**:

    ```sh

    veracrypt --text --create

    ```

    - Follow the prompts to configure volume size, encryption, and password.

    2. **Mount the Volume**:

    ```sh

    veracrypt --text --mount <path_to_volume> <mount_point>

    ```

    3. **Dismount the Volume**:


    ```sh

    veracrypt --text --dismount <mount_point>

    ```

    ---

    You might also like