1) physical server Ubuntu 14.04 LTS x64 (host) has a 1TB physical harddrive where the entire disk is encrypted with LUKS password protection for data at rest solution and protection under the 5th amendment if it ever came to that.
1a) When I turn on the server I have to manually input the memorized 32 random complex character password to decrypt it. Since it's Linux I don't mind because I only have to reboot once or twice a year as opposed to M$ (every month). Yes-I am extremely security/privacy conscious and paranoid.Businesses, government agencies, and other institutions are concerned about the ever-present threat posed by hackers to data at rest. In order to keep data at rest from being accessed, stolen, or altered by unauthorized people, security measures such as data encryption and hierarchical password protection are commonly used. For some types of data, specific security measures are mandated by law.
fdisk -l from host:
Code: Select all
Disk /dev/mapper/sXX#_crypt: 1000.2 GB, 1000201740288 bytes
255 heads, 63 sectors/track, 121600 cylinders, total 1953519024 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x2052474d
This doesn't look like a partition table
Probably you selected the wrong device.
Device Boot Start End Blocks Id System
/dev/mapper/sXX#_crypt1 ? 6579571 1924427647 958924038+ 70 DiskSecure Multi-Boot
/dev/mapper/sXX#_crypt2 ? 1953251627 3771827541 909287957+ 43 Unknown
/dev/mapper/sXX#_crypt3 ? 225735265 225735274 5 72 Unknown
/dev/mapper/sXX#_crypt4 2642411520 2642463409 25945 0 Empty
2) virtual guest Ubuntu 14.04 LTS x64 (guest) Apache web server using a php application (heavily modified to make as secure as possible, not my choice to use php but I'm stuck with it) for cloud storage has the raw.vmdk file pointing to the un-encrypted local hard drive
.Disk /dev/mapper/sXX#_crypt
fdisk -l from guest:
Code: Select all
Disk /dev/sXX doesn't contain a valid partition table
Disk /dev/mapper/sXX_crypt: 1000.2 GB, 1000201740288 bytes
255 heads, 63 sectors/track, 121600 cylinders, total 1953519024 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x2052474d
This doesn't look like a partition table
Probably you selected the wrong device.
Device Boot Start End Blocks Id System
/dev/mapper/sXX_crypt1 ? 6579571 1924427647 958924038+ 70 DiskSecure Multi-Boot
/dev/mapper/sXX_crypt2 ? 1953251627 3771827541 909287957+ 43 Unknown
/dev/mapper/sXX_crypt3 ? 225735265 225735274 5 72 Unknown
/dev/mapper/sXX_crypt4 2642411520 2642463409 25945 0 Empty
Partition table entries are not in disk order
Now, when I mount the drive in the guest, and create a file or folder, it does not appear when I look at the same location on the host. Is this normal? Am I doing something incorrectly? Am I misunderstanding how this is supposed to work and what rawvmdisks are used for? Is it possibly a permissions issue?
Appreciate any help you can give or feedback other than comments like the "overly paranoid" "tinfoil hat wearing" type.