Hi - I've been asked to re-partition a
Dell 120 GB 5400 RPM Encrypted Serial ATA Hard Drive
and install CentOS 5 on the new partition.
It's a Dell Lattitude E5400 laptop.
Is this even possible with encrypted drives?
Does CentOS 5 need special drivers?
Any help would be greatly appreciated.
-- Agile
Agile Aspect wrote:
Hi - I've been asked to re-partition a
Dell 120 GB 5400 RPM Encrypted Serial ATA Hard Driveand install CentOS 5 on the new partition.
It's a Dell Lattitude E5400 laptop.
Is this even possible with encrypted drives?
How is it encrypted? Some new laptops come with drive encryption built into the hardware which I believe is totally transparent to the OS, sample device: http://www.seagate.com/docs/pdf/datasheet/disc/ds_momentus_5400_fde_3.pdf
Looking at this: http://accessories.dell.com/sna/products/Internal_Hard_Drives/productdetail....
The drive they have seems similar, so I would expect re-partitioning to work fine, though of course backup any important data before trying.
nate
nate wrote:
Agile Aspect wrote:
Hi - I've been asked to re-partition a
Dell 120 GB 5400 RPM Encrypted Serial ATA Hard Driveand install CentOS 5 on the new partition.
It's a Dell Lattitude E5400 laptop.
Is this even possible with encrypted drives?
How is it encrypted? Some new laptops come with drive encryption built into the hardware which I believe is totally transparent to the OS, sample device: http://www.seagate.com/docs/pdf/datasheet/disc/ds_momentus_5400_fde_3.pdf
Looking at this: http://accessories.dell.com/sna/products/Internal_Hard_Drives/productdetail....
The drive they have seems similar, so I would expect re-partitioning to work fine, though of course backup any important data before trying.
nate
Excuse a really dumb question, how does this provide me with security? I assume it still uses the normal SATA interface and thus the OS writes to the drive as normal, but now it is encrypted onto the physical media..... so now I steal the laptop, or just the physical drive, plug it into my SATA controller and voila read all the encrypted data off the drive??? I am obviously missing something - there must be a key somewhere off the drive for this to work as a securely encrypted system. Flumoxed!
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Rob Kampen wrote:
Excuse a really dumb question, how does this provide me with security? I assume it still uses the normal SATA interface and thus the OS writes to the drive as normal, but now it is encrypted onto the physical media..... so now I steal the laptop, or just the physical drive, plug it into my SATA controller and voila read all the encrypted data off the drive??? I am obviously missing something - there must be a key somewhere off the drive for this to work as a securely encrypted system.
Never used it myself but from the PDF http://www.seagate.com/docs/pdf/marketing/po_momentus_5400_fde.3.pdf
Consumers can easily integrate this drive and use their BIOS password to set up authentication. They get easy, strong encryption with no performance impact.
--
So it sounds like your prompted for the password when you boot the system, probably during POST somehow. Maybe it only works on special modern versions of BIOSs.
nate
At Thu, 26 Mar 2009 16:04:06 -0400 CentOS mailing list centos@centos.org wrote:
nate wrote:
Agile Aspect wrote:
Hi - I've been asked to re-partition a
Dell 120 GB 5400 RPM Encrypted Serial ATA Hard Driveand install CentOS 5 on the new partition.
It's a Dell Lattitude E5400 laptop.
Is this even possible with encrypted drives?
How is it encrypted? Some new laptops come with drive encryption built into the hardware which I believe is totally transparent to the OS, sample device: http://www.seagate.com/docs/pdf/datasheet/disc/ds_momentus_5400_fde_3.pdf
Looking at this: http://accessories.dell.com/sna/products/Internal_Hard_Drives/productdetail....
The drive they have seems similar, so I would expect re-partitioning to work fine, though of course backup any important data before trying.
nate
Excuse a really dumb question, how does this provide me with security? I assume it still uses the normal SATA interface and thus the OS writes to the drive as normal, but now it is encrypted onto the physical media..... so now I steal the laptop, or just the physical drive, plug it into my SATA controller and voila read all the encrypted data off the drive??? I am obviously missing something - there must be a key somewhere off the drive for this to work as a securely encrypted system. Flumoxed!
From what little I gathered from the promo PDF, there was some mumbling
about the BIOS. I'm guessing that the drive somehow requests a passkey during system startup somehow. But this is only a guess.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
begin:vcard fn:Rob Kampen n:Kampen;Rob email;internet:rob@kampensonline.net tel;cell:407-341-3815 version:2.1 end:vcard
MIME-Version: 1.0
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi,
2009/3/26 Rob Kampen rkampen@kampensonline.com:
Excuse a really dumb question, how does this provide me with security? I assume it still uses the normal SATA interface and thus the OS writes to the drive as normal, but now it is encrypted onto the physical media..... so now I steal the laptop, or just the physical drive, plug it into my SATA controller and voila read all the encrypted data off the drive??? I am obviously missing something - there must be a key somewhere off the drive for this to work as a securely encrypted system. Flumoxed!
At the end of that article: http://headworx.slupik.com/2008/02/fde-full-disk-encryption-hard-drive.html there are three useful links which maybe will clarify how FDE works.
from the last link:
"In short, it is a security solution that fully encrypts your entire Hard Disk Drive (HDD), including the Operating System etc. It is one of the "most transparent" encryption products you can get for your computer. Once installed you just have to authenticate once before the boot time, and if successful the HDD is unlocked and behaves like any other HDD. You don't have to worry about what files to encrypt and what not to encrypt. With FDE everything is encrypted. It is for the same reason that the US Government is currently conducting a competition of various FDE solutions to select and implement the best one."
Cheers,
-
Agile Aspect -
Ionut Vancea -
nate -
Rob Kampen -
Robert Heller