On Thu, Jan 22, 2004 at 12:10:33PM -0700, Richard Esplin wrote: > My biggest requirement is that it be trivial to set up and use. It would be > nice if it asked me for a password at bootup, or any other time I mounted the > drive, and then I could use it just like any other filesystem knowing that > once I turned the computer off (or unmounted the drive) the data would be > secure.
Okay. If that's all you want, is this trivial enough for you?
root# apt-get install cfs
user# cmkdir encrypted-data
user# cattach encrypted-data unencrypted-view
That's for a directory. If you want an entire drive, try loop-aes
that ships with the 2.6 kernel.
root# modprobe cryptoloop
root# modprobe blowfish
root# dd if=/dev/urandom of=encrypted.img bs=4k count=1000
root# losetup -e blowfish /dev/loop0 encrypted.img
root# mkfs.ext3 /dev/loop0
root# mkdir /mnt/unencrypted-view
root# mount /dev/loop0 /mnt/unencrypted-view
Just put an entry in /etc/fstab for that image.
Any other requirements? Don't be afraid to get creative. :-)
Mike
.___________________________________________________________________.
Michael A. Halcrow
Security Software Engineer, IBM Linux Technology Center
GnuPG Fingerprint: 05B5 08A8 713A 64C1 D35D 2371 2D3C FDDA 3EB6 601D
GPL: A Bill of Rights for the Digital Age
pgp00000.pgp
Description: PGP signature
____________________ BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
