Search:  
Gentoo Wiki

SECURITY_System_Encryption_DM-Crypt_with_LUKS/loopback_devices

Encrypting Loopback Devices

Code: Encrypting loopback devices

First, create the file that you'll like to use as an encrypted container by filling it with random data.

 dd if=/dev/urandom of=./crypt-cont bs=1M count=128 
 

Now, you have to attach a loopback device to it.
A loopback device makes possible to access a file as if it were a block device.

 losetup /dev/loop0 /path/to/crypt-cont
 

Encrypting the file, feel free to change the cipher, etc..

 cryptsetup -v --cipher serpent-cbc-essiv:sha256 --key-size 256 luksFormat /dev/loop0 
 

Open the encrypted device.

 cryptsetup luksOpen /dev/loop0 crypt-cont
 # dmsetup ls && ls -l /dev/mapper/ should show crypt-cont
   

Create a filesystem on it.

 mke2fs -m0 /dev/mapper/crypt-cont
 

Mount it.

 
 mkdir /mnt/crypt-cont
 mount -t ext2 /dev/mapper/crypt-cont /mnt/crypt-cont
 

Now you can use it, copy files to it, whatever you want, when you're done with it, execute:

 umount /mnt/crypt-cont
 cryptsetup luksClose crypt-cont
 losetup -d /dev/loop0 
 

The content of the file will be there next time you decrypt and mount it.

The end.

Growing with an Encrypted Loopback Device

Code: Growing encrypted loopback-devices

Make sure your loopback-container is detached. Then just add some random stuff, e.g. 100M

 dd if=/dev/urandom bs=1M count=100 >> /path/to/crypt-cont
 

Now attach and open your loopback-device again.

 losetup /dev/loop0 /path/to/crypt-cont
 cryptsetup luksOpen /dev/loop0 crypt-cont
 

It depends on which filesystem you have how to grow your partition. I assume its most the same way. With reiserfs you have to

 resize_reiserfs -s +100M /dev/mapper/crypt-cont
 

mount your partition and df shows you the new size.

(Please edit this area with some suggestions or notes)

Retrieved from "http://www.gentoo-wiki.info/SECURITY_System_Encryption_DM-Crypt_with_LUKS/loopback_devices"

Last modified: Sun, 14 Jan 2007 18:02:00 +0000 Hits: 4,763