Adding the new files

en-US/creating-encrypted-block-devices.adoc

@@ -0,0 +1,53 @@
+[id='creating-encrypted-block-devices_{context}']
+== Creating encrypted block devices
+
+This procedure describes the steps to create and configure encrypted block devices after installation.
+
+.Prerequisites
+
+* Install the `cryptsetup` package:
++
+----------
+# dnf install cryptsetup-luks
+----------
+
+* Create the block devices you want to encrypt using `parted`, `pvcreate`, `lvcreate`, and `mdadm`.
+
+* Optionally, fill the device, for example, `/dev/sda3` with random data before encrypting it as this increases the strength of encryption.
++
+[NOTE]
+========
+Filling the device with random data increases the time necessary for encryption.
+========
++
+[WARNING]
+=========
+The commands below will destroy any existing data on the device.
+=========
+
+** To fill the device with high quality random data:
++
+-------
+dd if=/dev/urandom of=<device>
+-------
++
+This takes several minutes per gigabyte on most systems.
++
+** To fill the device with lower quality random data:
++
+--------
+badblocks -c 10240 -s -w -t random -v <device>
+--------
++
+This is quicker compared to the high quality random data method.
+
+include::modules/proc_format-device-as-dmcrypt-encrypted-device.adoc[leveloffset=+1]
+
+include::modules/proc_create-mapping-to-allow-access-to-decrypted-contents.adoc[leveloffset=+1]
+
+include::modules/proc_create-filesystems-on-mapped-device.adoc[leveloffset=+1]
+
+include::modules/proc_add-mapping-information-to-etc-fstab.adoc[leveloffset=+1]
+
+include::modules/proc_add-entry-to-etc-fstab.adoc[leveloffset=+1]
+.

en-US/encrypting-drives-using-LUKS.adoc

@@ -0,0 +1,10 @@
+[id='encrypting-drives-using-luks']
+= Encrypting drives using LUKS
+
+As a system administrator, you can encrypt a block device. This section gives a brief introduction to block encryption, describes Linux Unified Key Setup (LUKS), and lists the steps to create an encrypted block device.
+
+include::en-US/modules/con_block-device-encryption.adoc[]
+
+include::en-US/modules/con_introduction-to-luks.adoc[]
+
+include::en-US/creating-encrypted-block-devices.adoc[]

en-US/modules/con_block-device-encryption.adoc

@@ -0,0 +1,5 @@
+[id='con_block-device-encryption_{context}']
+== Block device encryption
+
+Block device encryption protects the data on a block device by encrypting it. To access the device's decrypted contents, a user must provide a passphrase or key as authentication. This provides additional security beyond existing operating system security mechanisms as it protects the device's contents even if it has been physically removed from the system. 
+

en-US/modules/con_introduction-to-luks.adoc

@@ -0,0 +1,24 @@
+[id='con_introduction-to-luks_{context}']
+== Introduction to LUKS
+
+Linux Unified Key Setup (LUKS) is a specification for block device encryption.  It establishes an on-disk format for the data, as well as a `passphrase/key` management policy.
+
+LUKS uses the kernel device mapper subsystem with the `dm-crypt` module. This arrangement provides a low-level mapping that handles encryption and decryption of the device data. You can use the `cryptsetup` utility to perform user-level operations such as creating and accessing encrypted devices.
+
+.Advantages of using LUKS
+
+* LUKS encrypts entire block devices and can be used for protecting the contents of mobile devices such as removable storage media and laptop disk drives. 
+
+* The underlying content of the encrypted block device are arbitrary making it useful for encrypting `swap` devices. This is also useful fir databases that use specifically formatted block devices for data storage. 
+
+* LUKS uses the existing device mapper kernel subsystem. This is the same subsystem used by LVM, so it is well tested.
+
+* LUKS provides passphrase strengthenin which protects against dictionary attacks.
+
+* LUKS devices contain multiple key slots allowing users to add backup keys and passphrases.
+
+.Disadvantages of using LUKS
+
+* LUKS is not useful for applications requiring many (more than eight) users to have distinct access keys to the same device.
+
+* LUKS does not work for applications requiring file-level encryption.

en-US/modules/con_what_is_adobe_flash.adoc

@@ -0,0 +1,6 @@
+[id="what_is_adobe_flash"]
+= What is Adobe Flash
+
+Adobe Flash is a web browser plug-in used for multimedia. Adobe's Flash plug-in is not included in Fedora because it is not free and open source software. However, Adobe releases a version of the Flash plug-in for Fedora and other Linux distributions using Firefox, Chromium, and other popular internet browsers.
+
+Flash is less widely used than before because popular multimedia sites such as YouTube now use HTML5 for video playback instead. As a result, most modern browsers such as Firefox and Chromium can play videos without using the Flash plug-in. Google Chrome includes Flash by default.

en-US/modules/proc_add-entry-to-etc-fstab.adoc

@@ -0,0 +1,9 @@
+
+[id='proc_add-entry-to-etc-fstab']
+== Adding an entry to `/etc/fstab`
+
+To ensure a persistent mapping between the device and the mountpoint, add the entry in the `/etc/fstab` file:
+
+------
+/dev/mapper/<name>
+------

en-US/modules/proc_add-mapping-information-to-etc-fstab.adoc

@@ -0,0 +1,25 @@
+
+[id='proc_add-mapping-information-to-etc-fstab']
+== Adding the mapping information to `/etc/fstab`
+
+In order for a system to setup mapping to a device, there should entry must be present in the `/etc/crypttab` file. 
+
+. If your system does not have the `/etc/crypttab` file, create a new file and change the owner and group to `root` (`root:root`):
++
+----------
+# touch /etc/crypttab
+----------
+
+. Change the mode of the file:
++
+-------
+# chmod 0744
+-------
+
+. To identify the correct device in case the device name changes, add:
++
+---------
+<name>  <device>  none
+---------
++
+Here, the `<device>` field should be given in the form `UUID=<luks_uuid>`, where `<luks_uuid>` is the LUKS UUID.

en-US/modules/proc_checking_fedora_version.adoc

@@ -0,0 +1,10 @@
+[id="checking_fedora_version"]
+= Checking Fedora version
+
+To check which version of Fedora you are currently using, enter the following command:
+
+----
+uname -p
+----
+
+The resulting string is `x86` for a 32-bit version and `x86_64` for a 64-bit version of Fedora.

en-US/modules/proc_create-filesystems-on-mapped-device.adoc

@@ -0,0 +1,18 @@
+
+[id='proc_create-filesystems-on-mapped-device']
+== Creating filesystems on a mapped device
+
+After <<proc_create-mapping-to-allow-access-to-decrypted-contents>>, you can now use the mapped device node `/dev/mapper/<name>` like any other block device. 
+
+. To create an `ext2` filesystem on the mapped device:
++
+-------
+# mke2fs /dev/mapper/<name>
+-------
+
+. To mount this file system:
++
+--------
+# mkdir /mnt/test/
+# mount /dev/mapper/<name> /mnt/test
+--------

en-US/modules/proc_create-mapping-to-allow-access-to-decrypted-contents.adoc

@@ -0,0 +1,45 @@
+[id='proc_create-mapping-to-allow-access-to-decrypted-contents']
+== Creating mapping to allow access to a decrypted content
+
+To access a decrypted content on a device, you need to create a mapping using the kernel `device-mapper`.
+
+.Prerequisites
+
+LUKS provides a UUID (Universally Unique Identifier) for each device. This UUID is guranteed to remain the same as long as the LUKS header remains intact. To find a LUKS UUID for the device, run the following command:
+
+--------
+# cryptsetup luksUUID <device>
+--------
+
+An example of a reliable, informative and unique mapping name would be `luks-<uuid>`, where `<uuid>` is replaced with the LUKS UUID for the device (for example, luks-50ec957a-5b5a-47ee-85e6-f8085bbc97a8).
+
+.Procedure
+. Create a mapping to access the decrypted contents on the device:
++
+--------
+# cryptsetup luksOpen <device> <name>
+--------
++
+You are prompted to enter the passphrase for the device. Once you have authenticated, you can see the mapping `/dev/mapper/<name>` which represents the decrypted device. You can read from and write to this device like you would any other unencrypted block device.
+
+. To see the status of the mapping:
++
+------
+# cryptsetup -v status <name>
+------
++
+Sample output:
++
+--------
+/dev/mapper/<name> is active.
+  type:    LUKS1
+  cipher:  aes-cbc-essiv:sha256
+  keysize: 256 bits
+  device:  /dev/xvdc
+  offset:  4096 sectors
+  size:    419426304 sectors
+  mode:    read/write
+Command successful.
+--------
+.Additional resources
+For more information, see http://man7.org/linux/man-pages/man8/dmsetup.8.html[dmsetup(8)] manpage.

en-US/modules/proc_format-device-as-dmcrypt-encrypted-device.adoc

@@ -0,0 +1,50 @@
+
+[id='proc_format-device-as-dmcrypt-encrypted-device']
+== Formatting an encrypted device
+
+This procedure describes the steps to format the device as a `dm-crypt` encrypted device.
+
+[WARNING]
+=========
+The following command will remove any existing data on your device.
+=========
+
+. Format the device:
++
+---------
+# cryptsetup luksFormat <device>
+---------
++
+Sample output:
++
+--------
+WARNING!
+========
+This will overwrite data on <device> (for example, /dev/xvdc) irrevocably.
+
+Are you sure? (Type uppercase yes): YES
+Enter LUKS passphrase:
+Verify passphrase:
+Command successful.
+--------
+This command initializes the volume, and sets an initial key or passphrase.
++
+[NOTE]
+==========
+The passphrase is not recoverable so do not forget it.
+==========
+
+. To verify the formatting:
++
+-----
+# cryptsetup isLuks <device> && echo Success
+-----
+
+. To see a summary of the encryption information for the device:
++
+---------
+# cryptsetup luksDump <device>
+---------
+
+.Additional resources
+For more information, see http://man7.org/linux/man-pages/man8/cryptsetup.8.html[cryptsetup(8)] manpage.

en-US/modules/proc_installing_adobe_flash.adoc

@@ -0,0 +1,20 @@
+[id="installing_adobe_flash"]
+= Installing Adobe Flash
+
+To install Adobe Flash on Fedora:
+
+. Go to the official Adobe Flash web site at link:++https://get.adobe.com/flashplayer/otherversions/++[https://get.adobe.com/flashplayer/otherversions/].
+
+. In the drop-down options for _Select an Operating System_, choose *Linux (32-bit)* or *Linux (64-bit)* depending on which version of Fedora you are using.
+
+. In the drop-down for _Select a version_, select *FP for Linux $VERSION (.rpm) - NPAPI* for Firefox, or select *FP for Linux $VERSION (.rpm) - PPAPI* for Chromium. 
+
+. Click *Download Now* to download the file.
+
+. In a terminal window, go to the target download directory and type:
+
+----
+sudo dnf install flash-player-$VERSION.rpm
+----
+
+You have now successfully installed the Adobe Flash plug-in. You can now run multimedia on Flash-based website in your browser.

en-US/proc_installing-RPM.adoc

@@ -0,0 +1,29 @@
+[id='proc_installing-a-RPM-file']
+= Installing an RPM File
+
+This procedure shows you how to install an RPM file after you have downloaded the file to your desktop. An RPM file contains the required installation packages for a software.
+
+.Prerequisites
+
+* You must have administrative permission to install new RPM files on your system. Either root password or sudo access is required.
+
+.Procedure
+
+. Open a terminal.
+. Change your working directory to the location of the RPM file. If you have downloaded the RPM file to the `Downloads` directory, enter:
++
+[subs=quotes]
+----
+$ cd ~/Downloads
+----
++
+. Install the RPM file:
++
+[subs=quotes]
+----
+$ sudo rpm -i NAME_OF_RPM.rpm
+----
+
+
+
+

en-US/using-adobe-flash.adoc

@@ -0,0 +1,12 @@
+:experimental:
+//include::en-US/entities.adoc[]
+include::en-US/3rdparty-message.adoc[]
+
+[id="using_adobe_flash"]
+= Using Adobe Flash
+
+include::en-US/modules/con_what_is_adobe_flash.adoc[leveloffset=+1]
+
+include::en-US/modules/proc_checking_fedora_version.adoc[leveloffset=+1]
+
+include::en-US/modules/proc_installing_adobe_flash.adoc[leveloffset=+1]