[dm-crypt] Encrypted fs in file

Arno Wagner arno at wagner.name
Mon Apr 4 01:57:29 CEST 2016


Also refer to FAQ item 2.6
https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions

The zeroing out of the mapped container is advisable
if this needs high security, i.e. is not just for 
experiments.

Regards,
Arno


On Sun, Apr 03, 2016 at 18:03:11 CEST, Sven Eschenberg wrote:
> And regarding 1):
> 
> You might want to use dd for that and /dev/urandom. (Or use
> /dev/zero and then zero out the inner device before creating the
> filesystem).
> 
> Regards
> 
> -Sven
> 
> 
> Am 03.04.2016 um 10:41 schrieb Matthias Schniedermeyer:
> >On 03.04.2016 00:07, doark at mail.com wrote:
> >>Hello,
> >>I wanted to make certain that I got this process right since I've never
> >>done it before and I can't seem to find docs on the subject.
> >>
> >>1. Cat /dev/zero into a new file till it is big enough.
> >>2. Use cryptsetup on the file (format and open).
> >>3. Use mkfs on the loop device.
> >>4. Mount the loop device as if it were a block device.
> >>
> >>Does this look correct to you?
> >
> >Nearly.
> >
> >3) Not the loop device, but the dm-device, the loop it inbetween and is
> >handled automatically.
> >
> >A symlink for the dm-device appears in /dev/mapper/ with the name you
> >provided for the open command.
> >
> >Same for 4) You mount the dm-device
> >
> >
> >
> >
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier


More information about the dm-crypt mailing list