Thursday, September 6, 2007

encrypted partitions and container files

Partitions:
HowTo, HowTo, HowTo
- find out which partition to format: fdisk -l
- make sure partition is not mounted
- possibly create partition: cfdisk

sudo cryptsetup luksFormat -c aes-cbc-essiv:sha256 -s 256 /dev/sda1
sudo cryptsetup luksOpen /dev/sda1 encrypted
sudo mkfs.ext3 /dev/mapper/encrypted
sudo mkdir /media/encrypted
sudo mount /dev/mapper/encrypted /media/encrypted
sudo chown leo.leo /media/encrypted
sudo chmod 770 /media/encrypted

mcrypt.sh:
sudo cryptsetup luksOpen /dev/sda1 encrypted
sudo mount /dev/mapper/encrypted /media/encrypted


ucrypt.sh:
sudo umount /media/encrypted
sudo cryptsetup luksClose encrypted


Container Files:
Howto
dd if=/dev/urandom of=/media/USB-STICK/crypto bs=1M count=100
sudo losetup /dev/loop0 /media/USB-STICK/crypto
sudo cryptsetup -c aes-cbc-essiv:sha256 -s 256 --verify-passphrase luksFormat /dev/loop0
sudo cryptsetup luksOpen /dev/loop0 crypto
sudo mkfs.ext3 /dev/mapper/crypto
sudo mkdir /media/crypto
sudo mount /dev/mapper/crypto /media/crypto
sudo chown leo.leo /media/crypto
sudo chmod 770 /media/crypto

mount:
sudo losetup /dev/loop0 /media/USB-STICK/crypto
sudo cryptsetup luksOpen /dev/loop0 crypto
sudo mount /dev/mapper/crypto /media/crypto

unmount:
sudo umount /media/crypto
sudo cryptsetup luksClose crypto
sudo losetup -d /dev/loop0

Error message: "Check kernel for support for the aes-cbc-essiv:sha256 cipher spec and verify that /dev/sda5 contains at least 133 sectors":
Make sure partition is not mounted, and in case of the container file, that /dev/loop0 is usable (try /dev/loop1 for example, or check with sudo losetup -f. For example with wubi Ubuntu, only /dev/loop1 seems to work).
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)