Prevent user from gaining root access

[Jaman42]

Personally, it sounds to me like you are making this exercise more complicated than it needs to be. You're talking about scrambling files and moving things around, etc. Why do all that? If you want to prevent someone from gaining access to your files, simply use home folder encryption and choose a complex password. If you want to prevent people from using revoery mode, disable recovery mode in GRUB (as someone above suggested). Everything else is just making a lot of extra steps for yourself without gaining any real security.

Just doing some brainstorming to try and get some further. I said earlier in the thread that the system needs to be able to execute the file using crontab without any user interaction. This isn't possible if I use a complex password to encrypt the home folder is it?

Yeah to disable recovery mode seems like a good idea, I took a note of that. I'm confident that there are more ways of making it harder to get to the information in the file without user interaction. I respect your opinion but I don't think I am making the exercise more complicated than it needs to be, I have just started making things complicated. And I need more ideas to make it even more complicated. Thank you so far for all the input, already learned a whole bit.

This, for the most part. Unless you want to encrypt the entire drive, they would still have access via a livecd...
Physical access = root access, like always.

That's why I was thinking about obfuscating and trying to hide the file, since he will have physical access to the unit and may remove the harddrive. But as I said, I am only brainstorming to try and come up with a solution to make it as hard as possible following the guidelines.

[thnewguy]

It sounds like you're saying root needs to have access to run a file, but at the same time you don't want someone with the root account to be able to access/read the file. That is a bit of a contradiction. You could do something where cron executables a script and that script checks to see if your user is logged in. Assuming your user is logged in (your home folder would then be unencrypted) then the script runs the file you are protecting. If you are not logged in then the file is encrypted and cannot be accessed. This would basically mean when you are at the computer the crontab job runs properly, but when you logout the cron job doesn't get run. Best of both worlds.

[Jaman42]

Hi, thanks for the input.

"It sounds like you're saying root needs to have access to run a file, but at the same time you don't want someone with the root account to be able to access/read the file"
Then perhaps I explained it wrong, the user isn't going to have access to the root account. The user is going to have a basic account removed from the sudo group.

If I use a encrypted home folder as you suggest, it isn't possible to use auto login is it? I need it to work without user input, otherwise I would just encrypt the whole system.

*Edit: This is more of a programming approach but I must also think about what programming language to use, if the end file is a compiled obfuscated file (perhaps C) then it would off course make things harder then for example Python.

[Jaman42]

I got another idea that I need some help with to pull off. I couldn't quite let go of the encryption idea so i was reading up on it. I understand some parts of what I read and I know what I want to do but I am not sure how to do it. I want it to work like when you encrypt the entire drive but I want to use a keyfile on a USB stick to unlock the partitions. Since I need to give him the unit and the USB stick in this case I read something about hiding the keyfile between the MBR and the first partition. I was planning on doing this and make the rest of the partiton into a usb installer for Ubuntu. That would probably be quite deceptive for a beginner and would buy me quite some time I hope.

I also came across this quote "Security through obscurity is bad" a couple of times . It's just one of the steps I want to do, buying me some extra time.

So where do I start?

Thanks everyone for reading and giving me advice.

[ian-weisser]

If you put the keyfile in a foolish place on the hard drive, the OS (or partitioner or bootloader) may not realize it's vital data and may happily overwrite it. Or you may happily overwrite it yourself when you repartition the drive to make more room for games or porn or whatever, or when you run a disk utility with the wrong options. Then your encrypted data is gone. Forever.

You can use a keyfile on a USB stick...but what happens when you lose the stick, or send it through the laundry? Then your encrypted data is gone. Forever.

You can keep a backup copy of the cleverly-hidden key somewhere...but how will you secure it? If someone gets hold of your backup, they have your key and all your data is theirs. Or, worse, the day you need the backup you discover it's corrupt (or overwritten) after a year sitting forgotten in the drawer. Then your encrypted data is gone.

Look back through the myriad old threads here: "Hey, I lost/deleted/overwrote my key; how do I recover all my encrypted data?" You don't. It's random gibberish now.

[Jaman42]

Hi, thank you for your input. In my case it doesn't really matter if I loose the keyfile or not, I am trying to do this to learn how it all works. What can be done and how to do it, I fully understand that using a strong pass phrase that you can remember and don't write down anywhere with your encryption is the way to go. However I can't do it like that this time because the system needs to be automated as per previous posts.

But if your worried about loosing the keyfile can't you just use a strong password in another slot? So you can decrypt and perhaps make a new keyfile, that way if you loose your keyfile you can remove it and make a new one?

Found this blog post but its pretty old so I don't know if it is applicable for Ubuntu 14.04? http://blog.andreas-haerter.com/2011...ption-lvm-luks

Any other input?

*Edit: Realized I posted the wrong link, can't find the one I meant atm but I'll have to try some and see if I can figure it out, been doing some more reading today and it doesn't seem to complicated.

[Jaman42]

So I have generated a keyfile with random data, added the keyfile with luksAddKey and got it working when just storing the keyfile plain on a USB and that's fine for a start.

I edited /etc/crypttab to unlock with the keyfile stored on the usb, now to the new question.

Is it possible in /etc/crypttab to read from sectors on the USB instead of specifying a path to a file?

Thanks for reading