Cryptsetup
Description: Cryptsetup is a utility used to setup cryptographic volumes for dm-crypt, a disk encryption subsystem in the linux kernel. It can be used to encrypt partitions, loop devices and even entire systems. Both plain dm-crypt volumes and LUKS volumes can be created using cryptsetup. LUKS uses a metadata header and provides more functionality than plain dm-crypt, but it is more vulnerable to damage. Dependent Binaries: /sbin/cryptsetup /usr/sbin/cryptsetup Approach: 1.Using LUKS volume: Check whether the package cryptsetup is installed. To store the encrypted data,create a non-sparse empty file which will act as the storage device. Create a LUKS partition within the file mentioned above.Set the password needed to decrypt the data when asked. Check the file to ensure that it is LUKS encrypted. Open the LUKS container and give it a mapping name.Now the LUKS container is opened as a regular device. Format and create a filesystem on the device and mount it. Create a file on this device and fill it with random data. Find the MD5 hash of this file and store the hash in a temporary file. Unmount the filesystem and close the LUKS container to lock it. Reopen the container and mount it. Find the MD5 hash of the file inside (if still present). Compare it with the hash value stored earlier to verify the correct working of cryptsetup. 2.Using Plain dm-crypt volume: Create a non-sparse empty file. Assign the file as a block device using losetup. Create a plain dm-crypt volume on this block device using cryptsetup. Set password. Create a file system on this device using mkfs and mount it. Create a file on the device with some random data. Save the MD5 hash of this file in a separate temporary file. Unmount and remove the device to lock it. Open and mount it again and verify the hash of the file with value stored earlier. 3.Clean Up: Unmount the plain and LUKS volumes. Remove the non-sparse files and temporary files created. Regards, Abhilash B B Tech CSE Student Government Engineering College, Thrissur _______________________________________________ Autotest-kernel mailing list [email protected] https://www.redhat.com/mailman/listinfo/autotest-kernel
