User:Jebba/Cryptsetup

=Intro= Cryptsetup is a good way to use an encrypted filesystem with a gnulinux system. I have made kernel modules and built the cryptsetup program so it can be used with Maemo.

=Kernel= You need some kernel modules to use cryptsetup. You can build your own kernel or use mine. This wiki has instructions on installing my custom kernel.

=Userspace tools= You'll need to install cryptsetup from the extras-devel repository.

=Create cryptfile= Set up a file to use:

set -x CRYPTSIZE=4 LOOPFILE=/dev/loop0 CRYPTNAME=cryptfooz CRYPTFILE=/home/user/MyDocs/$CRYPTNAME echo "warning going to erase $CRYPTFILE" read ok dd if=/dev/urandom of=$CRYPTFILE bs=1M count=$CRYPTSIZE cryptsetup remove $CRYPTNAME losetup -d $LOOPFILE losetup $LOOPFILE $CRYPTFILE cryptsetup -v \ --key-size=256 \ --cipher=twofish-cbc-essiv:sha256 \ create \ $CRYPTNAME \ $LOOPFILE mkfs.ext3 -j -m0 /dev/mapper/$CRYPTNAME mkdir -p /mnt/$CRYPTNAME mount -o noatime /dev/mapper/$CRYPTNAME /mnt/$CRYPTNAME chown user:users /mnt/$CRYPTNAME ls -la /mnt/$CRYPTNAME
 * 1) !/bin/sh

With this, you can now copy files to /mnt/cryptfooz and they'll be encrypted.

=Umount= (Untested, but should just be like this)

umount /mnt/cryptfooz cryptsetup remove cryptofooz losetup -d /dev/loop0
 * 1) cryptfooz or whatever you named it above
 * 1) Then remove it from cryptsetup
 * 1) Then freeup the loopback

=Mount= So the next time you want to mount it, just run:

set -x CRYPTSIZE=4 LOOPFILE=/dev/loop0 CRYPTNAME=cryptfooz CRYPTFILE=/home/user/MyDocs/$CRYPTNAME cryptsetup remove $CRYPTNAME losetup -d $LOOPFILE losetup $LOOPFILE $CRYPTFILE cryptsetup -v \ --key-size=256 \ --cipher=twofish-cbc-essiv:sha256 \ create \ $CRYPTNAME \ $LOOPFILE mount -o noatime /dev/mapper/$CRYPTNAME /mnt/$CRYPTNAME ls -la /mnt/$CRYPTNAME
 * 1) !/bin/sh

=See Also=


 * - old, but lots of copying from my old page there.