Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.

PGP WDE with TPM on Linux Ubuntu

Created: 22 May 2011 | 2 comments

Dear all,

I need a solution for locking a hard drive to a particular computer. It seems like PGP WDE can provide such solution. However, here are my details:

- OS: Ubuntu 10.04 (i can downgrade to 9.04 if necessary)

- Computer: MSI mainboard with MSI TPM chip

- Encryption needs: automatically encryption/decryption of some folders (eg. /var/www, /usr/bin, /usr/local/bin) with the TPM

- Extra (bonus): if it can provide pre-boot authentication via TPM is optional but a plus!

Does this version of PGP exist??? If so, how does the installation process go from start to finish?? I meant shall we install the OS first or the PGP first?

 

Thanks!

Comments 2 CommentsJump to latest comment

PGP_Ben's picture

You need to get the lastest version off of fileconnect. But it doesn't support automatic/encryption of specific folders. It encrypts the entire hard drive. But you can use this in tandem with the TPM chip and provide pre-boot authentication for the encrypted disk.

here is a copy of the users guide for PGP WDE 10.2 on Linux:

http://www.symantec.com/docs/DOC4560

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.

Trivia1's picture

Did you check the Ubuntu community support documentation regarding LVM - Logical Volume Manager & Cryptsetup utilizing LUKS & Grub2 auth with AES256?

https://help.ubuntu.com/community/EncryptedFilesys...

You might want to read those before you shell out (pun) for PGP WDE.

I recollect that on 10:10 Meerkat DVD you can select LVM - Encrypted /root /home /swap setup from the installer before you opt to install and input a passphrase.

Then you have to hand edit the grub2 startup file and tell it to use AES on your grub2 password, this way no one can hot-boot your linux and use the recovery console without providing a password to the grub boot manager.

Whole Disk Encryption or Secure File System is already supported in Linux without the need to use PGP.

But I digress I am probably not winning any friends over at symantic by informing you about it.

Would you prefer - PGP - Pretty Good Privacy or MGP - Military Grade Privacy - Security Enhanced Linux with a LUKS mountable file system.

Not so easy on Ubuntu as they dont support the SELinux Kernel. But kind of a no brainer ;)