SECURITY_System_Encryption_DM-Crypt_with_LUKS/loopback_devices
Encrypting Loopback Devices
Code: Encrypting loopback devices |
First, create the file that you'll like to use as an encrypted container by filling it with random data. dd if=/dev/urandom of=./crypt-cont bs=1M count=128 Now, you have to attach a loopback device to it. losetup /dev/loop0 /path/to/crypt-cont Encrypting the file, feel free to change the cipher, etc.. cryptsetup -v --cipher serpent-cbc-essiv:sha256 --key-size 256 luksFormat /dev/loop0 Open the encrypted device. cryptsetup luksOpen /dev/loop0 crypt-cont # dmsetup ls && ls -l /dev/mapper/ should show crypt-cont Create a filesystem on it. mke2fs -m0 /dev/mapper/crypt-cont Mount it. mkdir /mnt/crypt-cont mount -t ext2 /dev/mapper/crypt-cont /mnt/crypt-cont Now you can use it, copy files to it, whatever you want, when you're done with it, execute: umount /mnt/crypt-cont cryptsetup luksClose crypt-cont losetup -d /dev/loop0 The content of the file will be there next time you decrypt and mount it. The end. |
Growing with an Encrypted Loopback Device
Code: Growing encrypted loopback-devices |
Make sure your loopback-container is detached. Then just add some random stuff, e.g. 100M dd if=/dev/urandom bs=1M count=100 >> /path/to/crypt-cont Now attach and open your loopback-device again. losetup /dev/loop0 /path/to/crypt-cont cryptsetup luksOpen /dev/loop0 crypt-cont It depends on which filesystem you have how to grow your partition. I assume its most the same way. With reiserfs you have to resize_reiserfs -s +100M /dev/mapper/crypt-cont mount your partition and df shows you the new size. |
(Please edit this area with some suggestions or notes)