[EMAIL PROTECTED] <[EMAIL PROTECTED]> yazmış: > Nick <[EMAIL PROTECTED]> writes: > > >> dm-crypt[1] and loop-aes[2] are two alternatives. The former has been > >> very reliable for me so far. > >> > >> [1] http://www.saout.de/misc/dm-crypt/ > > > > Yep, I've been using dm-crypt with LUKS for a while now, without any > > problems whatsoever. Asks mer for the passphrase when I bootup, then > > merrily continues on its way. You can also use a USB disk or some > > other medium to store the passphrase. > > > > It's been a while since I set it up, so I'm rather rusty on how it > > all fits together now, but follow > > http://gentoo-wiki.com/SECURITY_System_Encryption_DM-Crypt_with_LUKS > > and you'll go far. > > Thanks for some real world input.. > > Am I write in thinking dm-crypt does not support using a regular file > (not a partition) as the base of encrypted file system?
Well, you can create a regular file, mount it as a loopback device and encrypt it. Here is an example: # Create a disk image: dd if=/dev/zero of=/tmp/disk1.img count=50 bs=1M # Set up a loop device losetup /dev/loop/0 /tmp/disk1.img # encrypt it cryptsetup luksFormat /dev/loop/0 # then open it with luksOpen cryptsetup luksOpen /dev/loop0 test # create a filesystem mkfs.whatever /dev/mapper/test # mount it mount /dev/mapper/test /path/to/test and write a script to do the last three steps or do it via /etc/conf.d/cryptfs. -- ali polatel (hawking) I don't drink, I don't like it, it makes me feel too good. -- K. Coates -- [EMAIL PROTECTED] mailing list