This shows you the differences between two versions of the page.
Next revision | Previous revision Last revision Both sides next revision | ||
android_-_os:s7edge [2016/05/26 15:28] tkilla created |
android_-_os:s7edge [2017/03/21 11:35] tkilla [Crypt home] |
||
---|---|---|---|
Line 16: | Line 16: | ||
more information: | more information: | ||
+ | |||
+ | ===== Linux Chroot ===== | ||
+ | |||
+ | TBD | ||
+ | |||
+ | |||
+ | ==== Crypt home ==== | ||
+ | |||
+ | It is possible to use a cryptfile as home partition in the linux chroot. Either mount a (huge) file or create a second partition on SDcard. | ||
+ | |||
+ | **Android doesn' | ||
+ | The first Sdcard partition must be formatted to exfat. The Partition type must be FAT32 LBA and bootflag must be set: Then android 6 will recognize it. | ||
+ | The second partition will be trigger a " | ||
+ | |||
+ | Commands to setup crypted partition: | ||
+ | |||
+ | openssl enc -aes-256-ctr -pass pass:" | ||
+ | |||
+ | cryptsetup -c aes-xts-plain64 --key-size 512 --hash sha512 -y luksFormat / | ||
+ | cryptsetup luksOpen / | ||
+ | mkfs.ext4 -j -m 1 -O dir_index, | ||
+ | |||
+ | Note: on a old android device i used these settings, because the kernel does not support the cipher above: | ||
+ | |||
+ | cryptsetup luksDump ... | ||
+ | | ||
+ | Cipher name: twofish | ||
+ | Cipher mode: cbc-plain | ||
+ | Hash spec: sha1 | ||
+ | |||
+ | |||
+ | Test: | ||
+ | mount / | ||
+ | # cop< stuff .. | ||
+ | umount /mnt/sd | ||
+ | cryptsetup luksClose / | ||
+ | # retry | ||
+ | |||
+ | Mount the partition in linux bootscript: | ||
+ | |||
+ | busybox mkdir $chrootdir/ | ||
+ | busybox -o bind /dev/block/ / | ||
+ | | ||
+ | Then inside the chroot, it can be mounted | ||
+ | cryptsetup luksOpen / | ||
+ | mount / | ||
+ | | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ |