Gentoo Wiki


Encrypting Loopback Devices

Code: Encrypting loopback devices

First, create the file that you'll like to use as an encrypted container by filling it with random data.

 dd if=/dev/urandom of=./crypt-cont bs=1M count=128 

Now, you have to attach a loopback device to it.
A loopback device makes possible to access a file as if it were a block device.

 losetup /dev/loop0 /path/to/crypt-cont

Encrypting the file, feel free to change the cipher, etc..

 cryptsetup -v --cipher serpent-cbc-essiv:sha256 --key-size 256 luksFormat /dev/loop0 

Open the encrypted device.

 cryptsetup luksOpen /dev/loop0 crypt-cont
 # dmsetup ls && ls -l /dev/mapper/ should show crypt-cont

Create a filesystem on it.

 mke2fs -m0 /dev/mapper/crypt-cont

Mount it.

 mkdir /mnt/crypt-cont
 mount -t ext2 /dev/mapper/crypt-cont /mnt/crypt-cont

Now you can use it, copy files to it, whatever you want, when you're done with it, execute:

 umount /mnt/crypt-cont
 cryptsetup luksClose crypt-cont
 losetup -d /dev/loop0 

The content of the file will be there next time you decrypt and mount it.

The end.

Growing with an Encrypted Loopback Device

Code: Growing encrypted loopback-devices

Make sure your loopback-container is detached. Then just add some random stuff, e.g. 100M

 dd if=/dev/urandom bs=1M count=100 >> /path/to/crypt-cont

Now attach and open your loopback-device again.

 losetup /dev/loop0 /path/to/crypt-cont
 cryptsetup luksOpen /dev/loop0 crypt-cont

It depends on which filesystem you have how to grow your partition. I assume its most the same way. With reiserfs you have to

 resize_reiserfs -s +100M /dev/mapper/crypt-cont

mount your partition and df shows you the new size.

(Please edit this area with some suggestions or notes)

Retrieved from ""

Last modified: Sun, 14 Jan 2007 18:02:00 +0000 Hits: 4,763