[dm-crypt] dm-crypt "inverted" usage (i.e. exporting an "encrypted" image of a block device)
.. ink ..
mhogomchungu at gmail.com
Thu Aug 1 08:02:14 CEST 2013
I dont quite get what you are trying to do and the doing things "backwards"
suggests lack of understanding of how things work,atleast lack of
understanding according to my understanding of how things work :-)
Lets start with how things work.
1. You start with a device "/dev/sdc1".
2. You create an mapper path to it,let say at "/dev/mapper/sdc1".
The way it works is that,you send plain text data to "/dev/mapper/sdc1" and
the data land ciphertexted at "/dev/sdc1".You want your plain text back
from "/dev/sdc1" and you read it from "/dev/mapper/sdc1" and you get your
plain text data back.
I guess by "backwards",you mean starting with a plain text data at
"/dev/sdc1" and then create ciphertext version of the data by reading
"/dev/mapper/sdc1" and then sending the cipher text data over the network
and then transforming the cipher text back to plain text by writing to
another mapper path attached to another device on the other computer?..
The "backward" way should be easily testable.
1. create a 512 Byte plain text file( file A ) and put known content in it.
2. open a PLAIN mapper against the file with a certain password.
3. read 512 Bytes from the mapper attached to "file A" and hold on to it.
4. create another 512 Byte file( file B ).
5. open a PLAIN mapper against "file B" using the same password used above.
6. write to the mapper attached to "file B".
7. compare the contents of file B against those on file A,will they match
or will they not?
At the end of the day,you are just sending encrypted data over the
network.Dealing with raw devices seems like a disaster waiting to
happen.How can you tell the data you just received over the network arrived
as it was sent and there is not data corruption? Do you of all voodoo file
systems do to guarantee data integrity?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dm-crypt