Manpage of ppddinit

ppddinit

Section: User Commands (1)
Updated:
 

NAME

ppddinit - initialise a file or disc partition for ppdd  

SYNOPSIS

This is the first step in creating an encrypted filesystem under ppdd. The master keys are generated and a user pass phrase is used to encrypt them. The encrypted control block is written as the first 1024 bytes of the file or partition.  

DESCRIPTION

In order to use ppdd the first step after installing and compiling the software is to create a "host" file or disc partition. The first 1024 bytes are set aside for holding key and control information. This block of data is itself encrypted using a key derived from the user's pass phrase. This program creates that control block.
It also allows the user to elect to fill the remainder of the file or disc partition with random data or to encrypt an already existing filesystem.  

Random data

For filling the disc with random data, ppdd encrypts with blowfish using a random key.
For keys and the like, ppdd uses the /dev/urandom device but adds some input from the real random device and uses blowfish to mix the data very thoroughly - just in case there is a problem with either of these Linux devices. This is what happens when you choose the "-w" option.
For high quality random data for keys, ppdd uses both the /dev/random device and combines this with user entered data. Both the time between character strokes and one bit of the actual character contribute to the end result along with the output from /dev/random. This is what you get without the "-w" option.
You can choose to repeat this process by using the "-s" option.  

Pass phrases

The ppdd system allows two lines of pass phrase. Each line can be up to 104 characters long. You should aim for pass phrases that are hard to guess. Now that is easier said than done. If you use verbatim well known sayings or quotes - or even less well known ones - you are open to a dictionary attack. The use of non-English phrases doesn't help much.
The pass phrase you enter in ppddinit is the master pass phrase. You can change it later with ppddpassw if you wish.  

OPTIONS

If any invalid combination of switches and arguments is used the program displays a primitive help message. The program takes exactly two arguments and various switches.  

The first argument is a ppdd device e.g. /dev/ppdd0  

The second argument is a real device e.g. /dev/hda1 or a file.
If it is a file then this file must already exist and have been filled with data e.g.
dd if=/dev/zero of=/home/ppddfile bs=1k count=1k  

Switches are as follows:  

-w     use weaker random data for keys
 

-s     use stronger random data
 

If you omit both -w and -s you have to press random keys to help the random number process. With the -s option you do this twice. Both switches together is an illegal combination.  

-r     fill the file or device with random data
 

It takes a number of bytes as argument, zero means full to overflowing. It is well worth doing from a security point of view.  

-x     encrypt the data already on the file or device
 

This is very useful for converting an existing filesystem to ppdd. If you select this option you must let the encryption run to the end. The encryption takes place in the same disc area as the original data so if you interrupt the process all is lost.
The -r and -x switches are mutually exclusive.  

-b     write a backup control block
 

This takes a filename as argument. A copy of the first 1024 bytes is written to this file. See the various documentation about security of backups to understand why you might want this.  
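
A pre-flight check of a ppddinit command line against the rules in this section, as an added example that is not part of ppdd or of the original manual page. The function name, the assumption that switches precede the two arguments, and the requirement that a host file be larger than the 1024-byte control block are assumptions of this example; it never calls ppddinit itself.

```shell
#!/bin/sh
# Added example (not from the ppdd distribution): validate a ppddinit
# command line against the rules stated in OPTIONS before running it.
CONTROL_BLOCK=1024   # bytes reserved at the start of the host (from the page)

# Hypothetical helper. Assumes switches come before the two arguments.
ppddinit_preflight() {
    w=0; s=0; r=0; x=0
    while [ $# -gt 0 ]; do
        case "$1" in
            -w) w=1 ;;
            -s) s=1 ;;
            -x) x=1 ;;
            -r) [ $# -ge 2 ] || { echo "-r needs a byte count" >&2; return 1; }
                case "$2" in ''|*[!0-9]*) echo "-r: not a number: $2" >&2; return 1 ;; esac
                r=1; shift ;;
            -b) [ $# -ge 2 ] || { echo "-b needs a filename" >&2; return 1; }
                shift ;;
            -*) echo "unknown switch: $1" >&2; return 1 ;;
            *)  break ;;
        esac
        shift
    done
    [ $# -eq 2 ] || { echo "need exactly two arguments: ppdd device, host" >&2; return 1; }
    host=$2
    [ "$w$s" != 11 ] || { echo "-w and -s together are illegal" >&2; return 1; }
    [ "$r$x" != 11 ] || { echo "-r and -x are mutually exclusive" >&2; return 1; }
    if [ -f "$host" ]; then
        # A host file must already exist and be pre-filled (e.g. with dd).
        # Assumption: it must also leave room beyond the control block.
        size=$(($(wc -c < "$host")))
        [ "$size" -gt "$CONTROL_BLOCK" ] || {
            echo "host file must be larger than $CONTROL_BLOCK bytes" >&2; return 1; }
    elif [ ! -b "$host" ]; then
        echo "host must be an existing file or block device: $host" >&2; return 1
    fi
    # -x encrypts in place: an interrupted run loses the original data.
    [ "$x" -eq 0 ] || echo "warning: -x must run to completion; do not interrupt" >&2
    return 0
}
```
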

 

RETURN VALUE

The program returns 0 if everything worked as expected. That means that the ppdd device has been successfully connected to the host device or file.
The program returns 1 if anything has gone wrong.
 

ERRORS

All ppdd utilities display fairly meaningful errors (mostly on stderr). In all cases the errors have a unique error number to help locate the problem in the source code. If an error message is not clear then the best source of explanation at this stage is the source itself.  

ENVIRONMENT

The program does not use any environment variables.  

FILES

Files (and devices) are specified as arguments.  

SEE ALSO

ppdd(1) ppddcsum(1) ppdddown(1) ppddmchk(1) ppddpassw(1) ppddsetup(1) ppdduprev(1) ppdecrypt(1) ppdncrypt(1) ppddtab(5).  

(c) 1999 Allan Latham - version 0.9


 


This document was created by man2html, using the manual pages.
Time: 16:35:57 GMT, September 14, 1999