PPDD

About

PPDD is a loop encryption software by Allan Latham for GNU/Linux. It is commonly used for encrypting hard disks on laptops, for example. It is based on the Blowfish algorithm. Root filesystem and swap encryption are supported also.

Why / why not to use PPDD?

PPDD is not being actively developed, but maintained by myself. It is compatible with Linux 2.6. i386 architecture is supported. Whether others work is unknown.

It's not loop-AES. Loop-AES is actively developed and employs a variety of algorithms, unlike PPDD, which only uses Blowfish. Encryption keys are stored on the encrypted loop device, with loop-AES it's easy to store them elsewhere. The keys are still protected by the passphrases, of course.

Passphrase management is integrated into PPDD. This is unlike in the case of loop-AES.

News

2007-06-22 --- Debian 4.0 (Etch) release

ppdd 2.0.20 compiled for Debian Etch is available. Other distributions using GCC 4.x (Etch has 4.1.2) probably benefit from this as well.

Note: ppdd 2.0.19 binaries work fine on Etch. It just won't compile. 2.0.20 does. On the other hand, I don't know whether 2.0.20 even compiles on Sarge.

2007-03-11 --- Initramfs script bug

This problem only affects those using the PPDD initramfs image to boot the system.

I found a bug in initramfs scripts (namely linuxrc) that the first argument to /sbin/init was actully NULL, instead of pointing to the command line of the process. This can cause the boot process to hang after the following message: "clean up initramfs, chrooting and starting init...". This can happen e.g. after recompiling the kernel, rendering the system quite difficult to boot, so please upgrade!

This bug has been fixed in ppdd 2.0.19.

Major changes since PPDD 2.0

• Random key generation (ppdncrypt) changed to work better with Linux 2.6. This may not work well securitywise on 2.4.
• Initramfs image is used instead of initrd.
• User space utilities are integrated into one big package.

Download

PPDD consists of these parts:

1. Losetup from patched util-linux.
2. The PPDD user space utilities (and the Debian package description).
3. Busybox if you want encrypted root.
4. The PPDD kernel patch and the vanilla Linux kernel.

The kernel patch must be downloaded separately. The kernel patch is called linux-version-ppdd-patch and it's available in the linux directory.

For user space parts, there are a few alternatives:

1. A Debian binary package, which has all the required user space programs and the initramfs image. The package is called ppdd-2.0_version_i386.deb and it's found under ppdd directory.
2. The big source package for compiling Debian binary package. This can be used even if you don't use Debian. Both Busybox and patched util-linux is included, i.e. no patching is necessary. The package is called ppdd-2.0-all-version.tar.bz2.
3. For those who know what they want and also know what they're doing, all the parts are available separately. Also needed are Busybox and the Crypto-API enabled version of Util-Linux.

I suggest using the latest patches (except when they're less than a few days old ;)) to avoid problems. To maximise your chances of successful patching, use the version of Linux indicated in the name of the patch.

The files are available in the download directory.

PPDD source code is also available in a GNU Arch repository.

Ian Collier has provided PPDD packages for Fedora core.

Notes

• Remember to save ppddtab before removing the Debian package!
• Don't upgrade the Debian package from ppdd-2.0 2.0.10. Remove the old package and install a new one.
• ppdncrypt -o malfunction has been reported on Fedora core 5. ppdncrypt -i works. The reason might be GCC 4.1.0 with which PPDD hasn't received much testing.
• Linux 2.6.14 requires ppdd-2.0 2.0.15 if initramfs image is used, i.e. you have encrypted root partition.
• The root device must be given in numeric form. (E.g. LILO does this automatically.) Only matters if you are using the initramfs image (encrypted root partition):

Comments, suggestions, opinions, patches and bug reports are welcome. :)

License

PPDD is licensed under the GNU General public license.