[EMAIL PROTECTED] <[EMAIL PROTECTED]> yazmış:
> Nick <[EMAIL PROTECTED]> writes:
>
> >> dm-crypt[1] and loop-aes[2] are two alternatives. The former has been
> >> very reliable for me so far.
> >>
> >> [1] http://www.saout.de/misc/dm-crypt/
> >
> > Yep, I've been using dm-crypt with LUKS for a while now, without any
> > problems whatsoever. Asks mer for the passphrase when I bootup, then
> > merrily continues on its way. You can also use a USB disk or some
> > other medium to store the passphrase.
> >
> > It's been a while since I set it up, so I'm rather rusty on how it
> > all fits together now, but follow
> > http://gentoo-wiki.com/SECURITY_System_Encryption_DM-Crypt_with_LUKS
> > and you'll go far.
>
> Thanks for some real world input..
>
> Am I write in thinking dm-crypt does not support using a regular file
> (not a partition) as the base of encrypted file system?
Well, you can create a regular file, mount it as a loopback device and
encrypt it. Here is an example:
# Create a disk image:
dd if=/dev/zero of=/tmp/disk1.img count=50 bs=1M
# Set up a loop device
losetup /dev/loop/0 /tmp/disk1.img
# encrypt it
cryptsetup luksFormat /dev/loop/0
# then open it with luksOpen
cryptsetup luksOpen /dev/loop0 test
# create a filesystem
mkfs.whatever /dev/mapper/test
# mount it
mount /dev/mapper/test /path/to/test
and write a script to do the last three steps or do it via
/etc/conf.d/cryptfs.
--
ali polatel (hawking)
I don't drink, I don't like it, it makes me feel too good.
-- K. Coates
--
[EMAIL PROTECTED] mailing list
