On Wed, 2005-09-07 at 23:56 +0100, Adam Bower wrote:
On Wed, Sep 07, 2005 at 11:39:31PM +0100, Wayne Stallwood wrote:
I was taking a look at this the other day, and it appears that dm-crypt is the tool for the job. I got as far as looking at the first couple of hits out of google for dm-crypt see http://www.saout.de/misc/dm-crypt/ and http://deb.riseup.net/storage/encryption/dmcrypt/ for more, and please let me know how you get on as I want to do some similar stuff for private files on my laptop.
I've been using dm-crypt with Gentoo for quite a while now, and it works really well. I have exactly the same situation as Wayne.
In this case $2 is the name of the file, $3 is size of the file.
To create a file losetup -d /dev/loop6 dd if=/dev/random of=/export/crypt/$2 bs=1024 count=$3 losetup /dev/loop6 /export/crypt/$2 cryptsetup create $2 /dev/loop6 -c serpent -y -s 128 -b `blockdev --getsize /dev/loop6` -h ripemd160 mke2fs $2 tune2fs -j $2 dmsetup remove $2
To mount losetup -d /dev/loop6 # ensure the loop device is available dmsetup remove $2 # remove existing definition of the device-map re-run the cryptsetup line mount /dev/mapper/$2
The decision process for using the serpent algorithm was down to other algorithms didn't work on the machine at work.
Adam