Difference between revisions of "Cool Solution - Encrypted USB sticks for UCC clients"

From Univention Wiki

Jump to: navigation, search
(Created page with "{{Version|UCC=1.0}} {{Cool Solutions Repository}} = Introduction = = Installation = On the UCC client, the package '''univention-ucc-truecrypt''' has to be installed. apt-g...")
 
Line 3: Line 3:
  
 
= Introduction =
 
= Introduction =
 +
 +
'''univention-ucc-truecrypt''' allows to
 +
 +
 
= Installation =
 
= Installation =
  
Line 10: Line 14:
  
 
= Configuration of USB storage devices =
 
= Configuration of USB storage devices =
 +
 +
The following command can be used to create a 1GB truecrypt container with the password "univention", the name "secure.tct" and the filesystem FAT.
 +
 +
-> truecrypt -t -c secure.tct \
 +
    --volume-type=normal \
 +
    --encryption=AES \
 +
    --hash=RIPEMD-160 \
 +
    --filesystem=FAT
 +
    -p univention \
 +
    -k "" \
 +
    --random-source=/dev/urandom \
 +
    --size=1063256064
 +
 +
= UCR configuration =
 +
 +
The behavior when mounting truecrypt containers can be configured through the following UCR variables on the UCC client:
  
 
* ''ucc/usb/truecrypt/mount/options'' Mount options for the truecrypt device. (default: umask=0000)
 
* ''ucc/usb/truecrypt/mount/options'' Mount options for the truecrypt device. (default: umask=0000)
Line 16: Line 36:
 
* ''ucc/usb/truecrypt/sessions'' Comma-separated list of xsessions where truecrypt devices are mounted.
 
* ''ucc/usb/truecrypt/sessions'' Comma-separated list of xsessions where truecrypt devices are mounted.
  
= UCR configuration =
 
 
= Technical background =
 
= Technical background =
  
 
= Known issues =
 
= Known issues =
  
At the moment, the integration of truecrypt devices is only supported in the XenApp Xsession (can be configured via ''ucc/usb/truecrypt/sessions'').
+
* At the moment, the integration of truecrypt devices is only supported in the XenApp Xsession (can be configured via ''ucc/usb/truecrypt/sessions'').
 +
* If FAT is used as filesystem, the truecrypt container can have a size of maximum 4GB

Revision as of 12:38, 13 May 2013

Produktlogo UCC Version 1.0

Template:Cool Solutions Repository

Introduction

univention-ucc-truecrypt allows to


Installation

On the UCC client, the package univention-ucc-truecrypt has to be installed.

apt-get install univention-ucc-truecrypt

Configuration of USB storage devices

The following command can be used to create a 1GB truecrypt container with the password "univention", the name "secure.tct" and the filesystem FAT.

-> truecrypt -t -c secure.tct \
   --volume-type=normal \
   --encryption=AES \
   --hash=RIPEMD-160 \
   --filesystem=FAT
   -p univention \
   -k "" \
   --random-source=/dev/urandom \
   --size=1063256064 

UCR configuration

The behavior when mounting truecrypt containers can be configured through the following UCR variables on the UCC client:

  • ucc/usb/truecrypt/mount/options Mount options for the truecrypt device. (default: umask=0000)
  • ucc/usb/truecrypt/only If true, mount only devices with a truecrypt container. (default: false)
  • ucc/usb/truecrypt/container Name of the truecrypt container. (default: secure.tct)
  • ucc/usb/truecrypt/sessions Comma-separated list of xsessions where truecrypt devices are mounted.

Technical background

Known issues

  • At the moment, the integration of truecrypt devices is only supported in the XenApp Xsession (can be configured via ucc/usb/truecrypt/sessions).
  • If FAT is used as filesystem, the truecrypt container can have a size of maximum 4GB
Personal tools