Tue 07 of Sep, 2010 [00:32 UTC]
LoopMappings
|
Translating between encrypted losetup and dm-crypt
|
|
Português Brasileiro |
Note that your success (or not) will depend on which crypto patch to losetup you have.
This sample worked with the crypted file system on my USB keychain (mounted at /mnt/key). Note that 256==32*8, therefore if you used no -k option before (default is 128 key bits), you'd need -s 16.
Note: This was with the old (deprecated) cryptsetup shell script, the new native cryptsetup tool takes bits as argument. The yet-to-be-released cryptsetup 0.2 program builds the backend as a library and there is a util-linux patch that adds full cryptsetup support to mount so that the following commands can be simply done with mount itself (losetp+cryptsetup). You still have to use losetup+cryptsetup once to create the filesystem though.
Old cryptoloop:
losetup -e aes -k 256 /dev/loop7 /mnt/key/Lock
mount /dev/loop7 /mnt/Lock
dm-crypt:
losetup /dev/loop7 /mnt/key/Lock
cryptsetup -c aes-plain -h rmd160 -s 32 create lock /dev/loop7
mount /dev/mapper/lock /mnt/Lock/
Alternatively, you could use the utility "cryptmount", and put an entry of the form:
Lock {
dev=/mnt/key/Lock dir=/mnt/Lock
fstype=ext2 fsoptions=defaults cipher=aes-256
keyfile=/mnt/key/Lock.key keyhash=sha1 keycipher=blowfish
}
in /etc/cryptmount/cmtab. After initial setup of the filesystem, you can then run in user-mode:
cryptmount Lock
to mount the filesystem and transparently setup the associated loopback device.
Your example here...
This sample worked with the crypted file system on my USB keychain (mounted at /mnt/key). Note that 256==32*8, therefore if you used no -k option before (default is 128 key bits), you'd need -s 16.
Note: This was with the old (deprecated) cryptsetup shell script, the new native cryptsetup tool takes bits as argument. The yet-to-be-released cryptsetup 0.2 program builds the backend as a library and there is a util-linux patch that adds full cryptsetup support to mount so that the following commands can be simply done with mount itself (losetp+cryptsetup). You still have to use losetup+cryptsetup once to create the filesystem though.
Old cryptoloop:
losetup -e aes -k 256 /dev/loop7 /mnt/key/Lock
mount /dev/loop7 /mnt/Lock
dm-crypt:
losetup /dev/loop7 /mnt/key/Lock
cryptsetup -c aes-plain -h rmd160 -s 32 create lock /dev/loop7
mount /dev/mapper/lock /mnt/Lock/
Alternatively, you could use the utility "cryptmount", and put an entry of the form:
Lock {
dev=/mnt/key/Lock dir=/mnt/Lock
fstype=ext2 fsoptions=defaults cipher=aes-256
keyfile=/mnt/key/Lock.key keyhash=sha1 keycipher=blowfish
}
in /etc/cryptmount/cmtab. After initial setup of the filesystem, you can then run in user-mode:
cryptmount Lock
to mount the filesystem and transparently setup the associated loopback device.
Your example here...
Created by: smurfix last modification: Tuesday 06 of July, 2010 [01:21:05 UTC] by Anonymous
|
Page generated in: 0.09 seconds |
|
||||||||||||||
Login