loop-aes worked easy... cryptoAPI was confusing !
its quite easy actually.... u need....
loop-aes patch tar.gz
use the patch's inside loop-aes to patch the kernel source (kernel 2.4 only, 2.6 is done for u)
then patch util-linux (latest versiion)
cd into the patched util-linux source directory
backup your mount binary's
mv /bin/mount /bin/old-mount
same with umount
then copy the new compiled mount and umount binary's into /bin/
now for your kernel...
cd into kernel source (patched if its 2.4 only !)
load the config gile from /boot/config-XXXXXXX
and in the block devices section, say YES to compile loop-aes.
make dep (kernel 2.4 only)
now add the lines
to your Home directorys ./.bash_profile file.
This will make normal users use normal mount, and bootup and root use the new mount.
now Re boot your system.
now lets say u want an excrypted Home directory.
dd if=/dev/urandom of=/username.img bs=1M count=1024 (makes a 1024 meg home directory)
now make an encrypted loop.
losetup -e aes256 /dev/loop3 /home/username.img
now format the system
now kill the loop
losetup -d /dev/loop3
now mount with
mount -o loop,encryption=aes256 /home/username.img /home/username
NOW... use passwd command to change your main linux login password to match
the password of the encryption.
install the program pam_mount
configure it following the read me.
and when you login, it will automatically mount the home directory.
the encryption it totally transparent.
and if any1 steals your pc / lapto, they cant read your files...
even better, if the police swarm your house for stealing mp3's
they will never find the evidence to prosicute