encrypted file system
 

Hello!
I want to make an encrypted file system.I have compiled the cryptography in the 2.4.22 kernel with all algorithms as modules.
I made a file of 100 MB:
dd if=/dev/urandom of=test bs=512 count=204800
Now I want to associate it with a loop device:
losetup /dev/loop0 /root/test -e blowfish
It sais:Zice: Unsupported encryption type blowfish (...but blowfish module was loaded!!)
Without encryption, it works!
Any ideas?

are you sure you compiled the loopback support for the ciphers into the kernel? i tried to set up an encrypted file system a couple months ago, but i encountered the same problem.

my problem was getting the kernel to patch correctly, but i think i could do it now. did you set the kernel options for additional loopback encryption support?

i'll try to patch the stuff and setup an encrypted file system tonight and i'll get back to you.

it's good to know that the roman empire hasn't died ;).

cheers,
y-p

hello, again!
let's go through the whole process to see if i did some mistake:
i took the 2.4.22 kernel from kernel.org and i've compiled it.
diferent from the other kernels, it had the "cryptographic options" tab from the begining, without any patch. i said yes to "cryptographic api" and "hmac support" and module to all tle algorithms.
in the "block devices" tab i said yes to "loopback support". that's all regarding cryptographic support, isn't it?
with the new kernel loaded i tried the things described in my previous post and it didn't work.
from the man page of losetup i've read that it supports only none,xor and des encryption. with des, something else happens (and it did happen even before the new kernel):
losetup -e des /dev/loop0 test
Password: (anything)
Init (up to 16 hex digits): (123) -- i don't really know what this does...
ioctl: LOOP_SET_STATUS: Invalid argument
any other ideas?

i cant see cryptoloop in your list of modules, i think its next to loopback filesystem support in block devices. you have to enable experimental features to select it though.

i dont see anything that sounds like cryptoloop. can you tell me exactly where you've found it?

sorry, it doesnt come as standard with the 2.4 series kernels, grab yourself a patch from here and it should appear next to loopback filesystem support. check out some of the howto's at tldp.org for which patches to download for what.

losetup is the problem
 

I had the same problem, and it hasn't been fixed yet. (I checked a few minutes ago.) The latest losetup (2.11z util-linux) only supports by means of a nasty cludge, 3 hardcoded encryption types, none (and that means none), XOR (oh joy), and DES (which doesn't work). Anything else lacks the necessary code to convert password to encryption key. It's just not there.


Starling
Who would give you a patch, but doesn't know enough about making keys for each cipher... shouldn't there be a kernel interface or something for doing that?

this might be wrong cos i did the quite a while ago but if i remember you need to patch util-linux to support the kernel crypto stuff, if you fancy it the patch is here your distribution should release a patched losetup binary though