Sunday, November 26, 2006


Kernel options needed:
Device Drivers > Block Devices > Loopback device support cryptoloop support
Cryptographic Options > (select cyphers.. ex. aes, twofish)

Update user space tools if needed

Fill a file or partition with random data:
dd if=/dev/urandom of=/dev/hda1 bs=1M
dd if=/dev/urandom of=/somefile.aes bs=1M count=10

Check what encryption methods are available
Note: the method will not show up if the method was compiled as a module and the module was not yet loaded.
cat /proc/crypto

Associate loop device with created file or partition
losetup -e aes-256 /dev/loop0 /dev/hda1
losetup -e aes-256 /dev/loop0 /somefile.aes
losetup -e twofish-256 /dev/loop0 /somefile.aes
You are asked to create a password

Format the new filesystem
mkfs.ext3 /dev/loop0

Mount the new filesystem
mkdir /mnt/crypto
mount -t ext3 /dev/loop0 /mnt/crypto

To unmount:
unmount /mnt/crypto
losetup -d /dev/loop0

No comments: