- Create an encrypted file first - this is covered in a lot of tutorials, but let's do it here (you need to be root to do this):
- create empty /.cryptdata file
dd if=/dev/zero of=/.cryptdata count=10 bs=1M - mount it via loop device
losetup /dev/loop0 /.cryptdata - create an encrypted volume out of it
cryptsetup luksFormat /dev/loop0 - open the volume
cryptsetup luksOpen /dev/loop0 cryptdata - format the volume (create filesystem)
mke2fs -j /dev/mapper/cryptdata
- create empty /.cryptdata file
- Add the following entry to /etc/crypttab:
cryptdata /.cryptdata none luks - Add the following entry to /etc/fstab:
/dev/mapper/cryptdata /home/cryptdata ext3 relatime 0 2 - Create mountpoint for the encrypted filesystem:
mkdir /home/cryptdata
Tuesday, August 12, 2008
Encrypted loop device on boot
There are a lot of tutorials on how to setup an encrypted LUKS home / root / swap partitions available, but I couldn't find any description about setting up an encrypted loop device on boot. It's easy to create an encrypted file and mount it manually, but I just couldn't find a way to configure it with /etc/crypttab to have it mounted on boot. So, here is the solution for Ubuntu 8.04 (should work on other distros that support crypttab too):
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment