Endpoint Encryption

 View Only

  • 1.  PGP WDE with TPM on Linux Ubuntu

    Posted May 22, 2011 04:33 AM

    Dear all,

    I need a solution for locking a hard drive to a particular computer. It seems like PGP WDE can provide such solution. However, here are my details:

    - OS: Ubuntu 10.04 (i can downgrade to 9.04 if necessary)

    - Computer: MSI mainboard with MSI TPM chip

    - Encryption needs: automatically encryption/decryption of some folders (eg. /var/www, /usr/bin, /usr/local/bin) with the TPM

    - Extra (bonus): if it can provide pre-boot authentication via TPM is optional but a plus!

    Does this version of PGP exist??? If so, how does the installation process go from start to finish?? I meant shall we install the OS first or the PGP first?

     

    Thanks!



  • 2.  RE: PGP WDE with TPM on Linux Ubuntu

    Posted Aug 23, 2011 06:37 PM

    You need to get the lastest version off of fileconnect. But it doesn't support automatic/encryption of specific folders. It encrypts the entire hard drive. But you can use this in tandem with the TPM chip and provide pre-boot authentication for the encrypted disk.

    here is a copy of the users guide for PGP WDE 10.2 on Linux:

    http://www.symantec.com/docs/DOC4560



  • 3.  RE: PGP WDE with TPM on Linux Ubuntu

    Posted Aug 28, 2011 05:29 AM

    Did you check the Ubuntu community support documentation regarding LVM - Logical Volume Manager & Cryptsetup utilizing LUKS & Grub2 auth with AES256?

    https://help.ubuntu.com/community/EncryptedFilesystemLVMHowto

    You might want to read those before you shell out (pun) for PGP WDE.

    I recollect that on 10:10 Meerkat DVD you can select LVM - Encrypted /root /home /swap setup from the installer before you opt to install and input a passphrase.

    Then you have to hand edit the grub2 startup file and tell it to use AES on your grub2 password, this way no one can hot-boot your linux and use the recovery console without providing a password to the grub boot manager.

    Whole Disk Encryption or Secure File System is already supported in Linux without the need to use PGP.

    But I digress I am probably not winning any friends over at symantic by informing you about it.

    Would you prefer - PGP - Pretty Good Privacy or MGP - Military Grade Privacy - Security Enhanced Linux with a LUKS mountable file system.

    Not so easy on Ubuntu as they dont support the SELinux Kernel. But kind of a no brainer ;)