Difference between revisions of "Cool Solution - Encrypted USB sticks for UCC clients"
From Univention Wiki
(Created page with "{{Version|UCC=1.0}} {{Cool Solutions Repository}} = Introduction = = Installation = On the UCC client, the package '''univention-ucc-truecrypt''' has to be installed. apt-g...") |
|||
| Line 3: | Line 3: | ||
= Introduction = | = Introduction = | ||
| + | |||
| + | '''univention-ucc-truecrypt''' allows to | ||
| + | |||
| + | |||
= Installation = | = Installation = | ||
| Line 10: | Line 14: | ||
= Configuration of USB storage devices = | = Configuration of USB storage devices = | ||
| + | |||
| + | The following command can be used to create a 1GB truecrypt container with the password "univention", the name "secure.tct" and the filesystem FAT. | ||
| + | |||
| + | -> truecrypt -t -c secure.tct \ | ||
| + | --volume-type=normal \ | ||
| + | --encryption=AES \ | ||
| + | --hash=RIPEMD-160 \ | ||
| + | --filesystem=FAT | ||
| + | -p univention \ | ||
| + | -k "" \ | ||
| + | --random-source=/dev/urandom \ | ||
| + | --size=1063256064 | ||
| + | |||
| + | = UCR configuration = | ||
| + | |||
| + | The behavior when mounting truecrypt containers can be configured through the following UCR variables on the UCC client: | ||
* ''ucc/usb/truecrypt/mount/options'' Mount options for the truecrypt device. (default: umask=0000) | * ''ucc/usb/truecrypt/mount/options'' Mount options for the truecrypt device. (default: umask=0000) | ||
| Line 16: | Line 36: | ||
* ''ucc/usb/truecrypt/sessions'' Comma-separated list of xsessions where truecrypt devices are mounted. | * ''ucc/usb/truecrypt/sessions'' Comma-separated list of xsessions where truecrypt devices are mounted. | ||
| − | |||
= Technical background = | = Technical background = | ||
= Known issues = | = Known issues = | ||
| − | At the moment, the integration of truecrypt devices is only supported in the XenApp Xsession (can be configured via ''ucc/usb/truecrypt/sessions''). | + | * At the moment, the integration of truecrypt devices is only supported in the XenApp Xsession (can be configured via ''ucc/usb/truecrypt/sessions''). |
| + | * If FAT is used as filesystem, the truecrypt container can have a size of maximum 4GB | ||
Revision as of 12:38, 13 May 2013
Template:Cool Solutions Repository
Contents
Introduction
univention-ucc-truecrypt allows to
Installation
On the UCC client, the package univention-ucc-truecrypt has to be installed.
apt-get install univention-ucc-truecrypt
Configuration of USB storage devices
The following command can be used to create a 1GB truecrypt container with the password "univention", the name "secure.tct" and the filesystem FAT.
-> truecrypt -t -c secure.tct \ --volume-type=normal \ --encryption=AES \ --hash=RIPEMD-160 \ --filesystem=FAT -p univention \ -k "" \ --random-source=/dev/urandom \ --size=1063256064
UCR configuration
The behavior when mounting truecrypt containers can be configured through the following UCR variables on the UCC client:
- ucc/usb/truecrypt/mount/options Mount options for the truecrypt device. (default: umask=0000)
- ucc/usb/truecrypt/only If true, mount only devices with a truecrypt container. (default: false)
- ucc/usb/truecrypt/container Name of the truecrypt container. (default: secure.tct)
- ucc/usb/truecrypt/sessions Comma-separated list of xsessions where truecrypt devices are mounted.
Technical background
Known issues
- At the moment, the integration of truecrypt devices is only supported in the XenApp Xsession (can be configured via ucc/usb/truecrypt/sessions).
- If FAT is used as filesystem, the truecrypt container can have a size of maximum 4GB
