LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-16-2004, 01:57 PM   #1
erktrek
LQ Newbie
 
Registered: Dec 2004
Posts: 4

Rep: Reputation: 0
Encrypted Filesystems using Loop Device


I am in the process of setting up several encrypted filesystems on a linux server of mine for different clients. I am running gentoo-2.6.9-r1 on a p4.

I've been researching into on how to setup a encrypt and am now comfortable with the basic process. I do however have some questions that maybe someone could help me with.

Here's a simple example:

1) mkdir /fs

2) losetup -e aes-cbc-256 /dev/loop1 /disk-aes
*** Entered pwd "testing"

3) mkfs -t reiserfs /dev/loop1

4) mount -t reiserfs -o loop,encryption=aes-cbc-256,acl /disk-aes /fs
*** Entered pwd "testing"

This successfully mounts /fs to file /disk-aes. So far so good. After further reading and testing I discovered that step 4 could also be expressed as:

4) mount -t reiserfs /dev/loop1 /fs

This does not ask me for a pwd again so is kinda handy unless I'm doing something completely bad or wrong?

Next step is I would love to somehow auto mount this in fstab (rather than using an unsecure shell script). The reason for this is that the machine is unattended for much of the time - if it resets then those filesystems will be unavailable. After much searching I came up with "hashalot"

Now based on what I've read step 2 would look something like this:

2b) sha256 | losetup -p0 -e aes-cbc-256 /dev/loop1 /disk-aes

This works ok as well - the big problem now is how to set that up in fstab? And why do this anyway? I realize it has something todo with hashing the password, making things even more twisted. But how does that help in fstab?

I've tried various entries but nothing seems to work. I am not sure how to continue. My fallback position is simply to create a very unsecure shell script and run it at boot time or play around with the keygen parm in fstab...

Hope this isn't too confusing.

TIA,

E.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
What R the requirements of aes-256 encrypted loopback device? zahoo Linux - Software 1 06-14-2005 08:47 AM
Encrypted Filesystems on Removable Media Soltis Linux - Security 8 03-21-2005 01:35 PM
loop: can't open device /dev/loop0: No such device or address miaviator278 Linux - Security 3 06-09-2004 09:24 PM
Encrypted filesystems and util-linux thebell Linux - General 2 05-31-2004 10:16 AM
UMSDOS vs. loop device okok Linux - General 5 01-29-2002 11:12 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:55 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration