how to create an encrypted ext3 filesystem using "cryptsetup"?

Michael H. Warfield mhw at wittsend.com
Mon Jun 21 17:34:48 UTC 2004


Hello,

	I missed the earlier part of this thread, but I'm using dm_crypt
and cryptsetup with a microvault drive (256Meg USB key drive) and ext3
just fine.

On Mon, Jun 21, 2004 at 01:03:51PM -0400, Robert P. J. Day wrote:
> On Mon, 21 Jun 2004, Dale wrote:

> >The URL info from "rpm -qi cryptsetup" leads to
> >   http://www.saout.de/misc/dm-crypt/
> >which has information about cryptsetup.

> been there all morning, following the docs.  still something missing.

	Here is a fragment of the script I use to mount my encrypted
microvault:

] export CRYPTO_DEVICE=/dev/sda1
] 
] if [ -b /dev/mapper/crypto.mhw ] ; then
]         cryptsetup remove crypto.mhw
] fi
] 
] cryptsetup -c aes -h ripemd160  -b `blockdev --getsize $CRYPTO_DEVICE` \
]         create crypto.mhw $CRYPTO_DEVICE
] 
] mount /dev/mapper/crypto.mhw /mnt/microvault

	If you are still getting a error, check and make sure you've got
the device_mapper functioning...

[root at canyon mhw]# ls /dev/mapper/
control  crypto.mhw
[root at canyon mhw]# lsmod | grep dm
dm_mod                 32800  0

	After running cryptsetup, you should have something like this:

[root at canyon mhw]# lsmod | grep dm
dm_crypt                7048  1
dm_mod                 32800  2 dm_crypt

	Plus you'll have some algorithm modules like aes and maybe a couple
of others.

> rday

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
  /\/\|=mhw=|\/\/       |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040621/0b7dbb7f/attachment-0001.sig>


More information about the fedora-list mailing list