[BitVisor-users-en:10] Re: Howto for Windows

Sandy Herman sandyherman at gmx.net
Sun Nov 25 04:27:41 JST 2012 

Hello,

Now I could install Bitvisor on "/dev/sda2" via GRUB2. It worked,
Bitvisor asks the password, but the disk "/dev/sda1" remains
unencrypted.
sda1: LBA(63,467419135)
Attached my "bitvisor.conf"

Thanks a lot!
Sandy


Am 13.11.2012 08:52, schrieb Katsuya MATSUBARA:
>   Hi Sandy,
>
> From: Sandy Herman <sandyherman at gmx.net>
> Date: Fri, 09 Nov 2012 22:53:38 +0100
>
>> Is there a chance to encrypt the harddisk running an
>> Ubuntu live System?
>> I can install Bitvisor (with background-encryption-patch),
>> but the harddisk is not encrypted - and remains unencrypted.
>   Please see the attached file.
>   This is an example configuration for the background encyption.
>
>   This configuration is 'defconfig'-sytled.
>   You should modify the 'storage' section in your defconfig,
>   that exists at root of the source code tree, using the example.
>   Especilly you must adjust the 'data_lba', 'keys', 'lba-low' and
>   'lba-high' parameters for your environment.
>   Then you can rebuild bitvisor.elf with the modified defconfig.
>
>   You cannot use the boot/login-simple and the boot/login
>   if you want to validate 'defconfig' since bitvisor.conf overwrites
>   the whole parameters defined by defconfig.
>   If you would like to use the login authentication, you can try to
>   rewrite the example for bitvisor.conf.
>   Unfortunately I have never tried to enable/configure the
>   background encyption with bitvisor.conf, but it must work.
>
>   Thanks,
> ---
>   Katsuya Matsubara / IGEL Co. Ltd.
>   matsu at igel.co.jp
>

-------------- next part --------------
# idman
#idman.pkc01File=
#idman.pkc02File=
#idman.pkc03File=
idman.randomSeedSize=128
idman.maxPinLen=16
idman.minPinLen=16
#idman.authenticationMethod=PKI
# VPN ???
vpn.mode=L2Trans
vpn.virtualGatewayMacAddress=00-88-88-88-88-88
vpn.bindV4=true
vpn.guestIpAddressV4=192.168.100.1
vpn.guestIpSubnetV4=255.255.255.0
vpn.guestMtuV4=1400
#vpn.guestVirtualGatewayIpAddressV4=192.168.6.254
vpn.dhcpV4=true
vpn.dhcpLeaseExpiresV4=3600
vpn.dhcpDnsV4=192.168.3.254
vpn.dhcpDomainV4=sec.softether.co.jp
vpn.adjustTcpMssV4=1240
vpn.hostIpAddressV4=192.168.12.11
vpn.hostIpSubnetV4=255.255.255.0
vpn.hostMtuV4=1500
vpn.hostIpDefaultGatewayV4=192.168.12.254
vpn.optionV4ArpExpires=60
vpn.optionV4ArpDontUpdateExpires=true
vpn.vpnGatewayAddressV4=192.168.11.1
vpn.vpnAuthMethodV4=Password
vpn.vpnPasswordV4=password1
vpn.vpnIdStringV4=user1 at tsukuba.ac.jp
#vpn.vpnCertFileV4=/path/to/cert
#vpn.vpnCaCertFileV4=/path/to/cacert
#vpn.vpnRsaKeyFileV4=/path/to/rsakey
vpn.vpnSpecifyIssuerV4=false
vpn.vpnPhase1CryptoV4=3DES
vpn.vpnPhase1HashV4=SHA-1
vpn.vpnPhase1LifeSecondsV4=7200
vpn.vpnPhase1LifeKilobytesV4=0
vpn.vpnWaitPhase2BlankSpanV4=100
vpn.vpnPhase2CryptoV4=3DES
vpn.vpnPhase2HashV4=SHA-1
vpn.vpnPhase2LifeSecondsV4=7200
vpn.vpnPhase2LifeKilobytesV4=0
vpn.vpnConnectTimeoutV4=5
vpn.vpnIdleTimeoutV4=300
vpn.vpnPingTargetV4=192.168.3.120
vpn.vpnPingIntervalV4=12
vpn.vpnPingMsgSizeV4=32
vpn.bindV6=false
vpn.guestIpAddressPrefixV6=2000::
vpn.guestIpAddressSubnetV6=64
vpn.guestMtuV6=1400
#vpn.guestVirtualGatewayIpAddressV6=
vpn.raV6=true
vpn.raLifetimeV6=300
vpn.raDnsV6=2001:dc4::1
vpn.hostIpAddressV6=5000::1:2:3:4
vpn.hostIpAddressSubnetV6=64
vpn.hostMtuV6=1500
vpn.hostIpDefaultGatewayV6=5000::254
vpn.optionV6NeighborExpires=60
vpn.vpnGatewayAddressV6=1000::1
vpn.vpnAuthMethodV6=Password
vpn.vpnPasswordV6=Akihabara
vpn.vpnIdStringV6=testv6 at tsukuba.ac.jp
#vpn.vpnCertFileV6=/path/to/cert
#vpn.vpnCaCertFileV6=/path/to/cacert
#vpn.vpnRsaKeyFileV6=/path/to/rsakey
#vpn.vpnSpecifyIssuerV6=
vpn.vpnPhase1CryptoV6=3DES
vpn.vpnPhase1HashV6=SHA-1
vpn.vpnPhase1LifeSecondsV6=7200
vpn.vpnPhase1LifeKilobytesV6=0
vpn.vpnWaitPhase2BlankSpanV6=100
vpn.vpnPhase2CryptoV6=3DES
vpn.vpnPhase2HashV6=SHA-1
vpn.vpnPhase2LifeSecondsV6=7200
vpn.vpnPhase2LifeKilobytesV6=0
vpn.vpnPhase2StrictIdV6=false
vpn.vpnConnectTimeoutV6=5
vpn.vpnIdleTimeoutV6=300
vpn.vpnPingTargetV6=2001:200:564:0:230:48ff:fe83:cf41
vpn.vpnPingIntervalV6=12
vpn.vpnPingMsgSizeV6=32

# ?????????????????????????????????????
# / ??? ./ ?????????????
#storage.encryptionKey0.place=IC
#storage.encryptionKey0.place=USB
storage.encryptionKey0.place=./StorageKey0

# ??????????
#storage.conf0.type=ATA
storage.conf0.host_id=0
storage.conf0.device_id=0
storage.conf0.lba_low=63
storage.conf0.lba_high=467419135
storage.conf0.keyindex=0
storage.conf0.crypto_name=aes-xts
storage.conf0.keybits=256

# VMM
vmm.f11panic=0
vmm.f12msg=0
vmm.auto_reboot=1
vmm.shell=0
vmm.dbgsh=0
vmm.status=0
vmm.tty_pro1000=0
vmm.tty_pro1000_mac_address=FF-FF-FF-FF-FF-FF
vmm.driver.ata=0
vmm.driver.usb.uhci=0
vmm.driver.usb.ehci=0
vmm.driver.concealEHCI=0
vmm.driver.conceal1394=0
vmm.driver.concealPRO1000=0
vmm.driver.vpn.PRO100=0
vmm.driver.vpn.PRO1000=0
vmm.driver.vpn.RTL8169=0
vmm.driver.vpn.ve=0
vmm.iccard.enable=0
vmm.iccard.status=0
vmm.boot_active=0

More information about the BitVisor-users-en mailing list