Full Disk Encryption Nexus 5
-
@peter-gamma UT isn't a traditional desktop linux. It is designed for mobile so that won't work. FDE has been discussed a lot of time and I think the main concern is how to implement a keyboard to unlock the disk without loading system and of course, someone has to implement it
-
@kugiigi thanks, good to know, I planned to try this. Is there no chance that Veracrypt works on Ubuntu Touch?
-
@peter-gamma
It may work, but you'll need to heavily modify the system.
Hence do it at your own risk, I won't recommend to do it if it's your daily driver...Installing veracrypt using Libertine will not work, so you'll have to either create an unconfined app to partially encrypt your disk or you may try to install it directly on the system which is more likely what you're looking for, but you'll have to overcome the limitations explained earlier...
-
@applee thanks. Sounds complicated, and since I don't code and don't have the time for too much experiments, I won't try it. Looking forward to the day when there is a straight forward system encyption for Ubuntu Touch.
I recently encrypted an old Windows 10 PC with Veracrypt, and it worked fine. The PC stuck during the installation, but after a reboot, the installation continued automatically, and the PC worked fine after the complete system encryption.
-
If I understood this thread in the Pine64 community right, full disc encryption should also work on Ubuntu touch:
https://forum.pine64.org/showthread.php?tid=12389&highlight=encryption
but there seem to be some problems with flickering background.
-
You can use the above instruction with Ubuntu Touch, but you need a PinePhone, and after the installation, you have an encrypted Linux Mobian.
I asked the question to Privacy & Tech Tips
on their youtube channel. Here is the answer:the installer could be modified from repository to use Ubuntu Touch for Xiaomi/Pocophone, but in this example I am flashing the pinephone mobian installer fde image/file itself. The full disk encryption installer part comes from PostmarketOS (originally). You may want to take a look at any PostmarketOS documentation/git repository for more information on the steps Mobian took to use it for their OS.
You may want to take a look at the installer setup for PostmarketOS for your specific phone boot loader requirements. PostmarketOS does a great job covering many different phones and this would be a great starting point for converting it to work well with your phone. Each phone has a different boot system and requirements. By using the PostmarketOS source for your phone, you will have something more compatible for booting to begin with (if that makes sense).
-
Source: Privacy & Tech Tips on youtube, How to: Flash Mobian Linux Installer w/Full Disk Encryption & Demo
https://www.youtube.com/watch?v=vjSASi7IbIU&feature=youtu.be
-
Quote from PinePhone community:
«Ubuntu touch is a completely different beast to ubuntu. As for mobian pretty sure I saw a post earlier about encrypting partitions»
https://forum.pine64.org/showthread.php?tid=1241&highlight=veracrypt
can the beast Ubuntu Touch not be tamed by switching off it s surface and control it completely with a keyboard and mouse, and make out of it a Desktop Ubuntu on a mobile device?
-
@peter-gamma What do you mean switching off its surface? you mean touchscreen? You can already control it with a mouse and keyboard.
-
@kugiigi I meant like in Windows 10. On windows 10 tablets, there is the option to innactivate touch functionality, and the option to control the tablet only by mouse and keyboard. If I use a Bluetooth mouse and keyboard with a Ubuntu Touch device, is it possible to control Veracrypt with mouse and keyboard?
-
@peter-gamma I don't think there's a way to disable touchscreen but why would you want that anyway, just don't touch the screen
About Veracrypy, I don't know what that is -
@kugiigi Veracrypt can be used to encypt e.g. Windows 10 systems or Ubuntu systems and drives, and it worked very good on my Windows 10 PC. Would be fine to be able to read for instance encrypted SD cards from a Ubuntu (touch) phone on a PC.
-
Pros of Veracrypt are that it is a professional open source desktop encryption software, which is very comfortable to use, and has many features. There is a Veracrypt version for Ubuntu. Is it possible to use Veracrypt on a Ubuntu Touch phone with a Bluetooth or USB keyboard? Are there differences in the booting process between Ubuntu and Ubuntu Touch, which could cause troubles?
-
@peter-gamma Assuming that VeraCrypt supports the phone architecture and you get a build of it for that architecture, yes, you could install it under libertine and use it. However it probably will not work well, as it is not designed for use on a phone. Maybe with an external display it could be somewhat usable. Also, you won't be able to use it for full disk encryption (which is the topic of this thread).
-
@dobey On my Windows 10 PC, full disc encryption of the whole system with Veracrypt works very well. I don t know whether it works also on Ubuntu (touch?). After the complete system is encrypted, it is only necessary to enter the password during booting. I also thought about using an external display for the encryption process of the system. But what about the booting process in Ubuntu Touch? When a keyboard input is required? Can Ubuntu Touch handle with touch input during the boot process?
-
@peter-gamma
A desktop computer is not a phone.
The computer has a physical keyboard to input the passphrase while on your phone you need the OS to bring you the virtual keyboard.
Hence when you boot up your phone you need to have the keyboard and other parts of the system uncrypted to allow you to decrypt the rest.
So full disk encryption requires heavy rework of the OS.SD card encryption is another topic...
-
@peter-gamma I don't know if VeraCrypt works with Ubuntu on a PC or not. However, as pointed out several times already in this thread, there is no way to enable full disk encryption on Ubuntu Touch currently. VeraCrypt is not a solution for that either.
-
@dobey Yes, but as far I can judge, Veracrypt for Ubuntu Touch is worth testing.
-
@peter-gamma Well then, try it out and let us know the result here.
-
@thilov I currently have no time and not installed Ubuntu Touch on a device yet, but I invite also others to try Veracrypt out. Veracrypt is a desktop application. I have tried out Veracrypt on a Windows 10 PC and was very satisfied. What can be more encrypted of a device than the whole system, and Veracrypt can do it. It allows also to work with the PC during encryption, and encrypton can be reverted easily. According to my own my little experience, Veracrypt is a mature software. Veracrypt had safety issues, but they where discussed intensely, they where safety updates, none of the issues seemed to be severe. Is it not an advantage of Linux phones, that desktop applications like Veracrypt can run on it, or can adapted to it, respectively? I cannot see an advandage of a specialized full disc encryption software, which would be better than Veracrypt.