Re: Loopback file system encryption with kernel-source-2.4.19?

To: Jack O'Quin <joq@io.com>
Cc: debian-user@lists.debian.org
Subject: Re: Loopback file system encryption with kernel-source-2.4.19?
From: Stefan Radomski <sr@oop.info>
Date: 26 Dec 2002 05:09:47 +0100
Message-id: <[🔎] 1040875787.1956.18.camel@hal9000>
In-reply-to: <[🔎] 873colfojv.fsf@sulphur.joq.us>
References: <[🔎] 873colfojv.fsf@sulphur.joq.us>

On Thu, 2002-12-26 at 04:26, Jack O'Quin wrote:
> 
> I managed to install cryptoapi-core-source from testing and build
> a 2.4.19 kernel with those modules (plus ALSA).  
> 
> But losetup still fails:
> 
>   sudo losetup -e blowfish /dev/loop0 ~/.crypto
>   Available keysizes (bits): 128 160 192 256 
>   Keysize: 256
>   Password :xxxxxxxxxxxxx
>   
>   Password :xxxxxxxxxxxxx
>   
>   The cipher does not exist, or a cipher module needs to be loaded into the kernel
>   ioctl: LOOP_SET_STATUS: Invalid argument
> 
> I tried installing cryptoloop-source from testing.  But it only
> contains the following patches:
> 
>   /usr/src/kernel-patches/all/loop-jari/loop-jari-2.2.20.gz
>   /usr/src/kernel-patches/all/loop-jari/loop-jari-2.4.18.gz
>   /usr/src/kernel-patches/all/loop-jari/loop-jari-2.4.16.gz
> 
> Is this package still needed?  The /usr/share/doc files seem to
> indicate that it is.  So, how do I build a patch for 2.4.19?
> 
> What am I missing, here?

Hi Jack,
to use filesystem encryption via the loopback-device, you need the
cryptoapi and the patch for the loopback device (eg. loop-jari).

You get 'ioctl: LOOP_SET_STATUS: Invalid argument' because the loop
device loaded in the kernel is not patched, build the loop device as
module, the 'right' one is called 'cryptoloop'.

The relevant modules from my lsmod output:
cipher-aes             21172   2 
cryptoloop              1708   2 
loop                   10032   4  [cryptoloop]
cryptoapi               3660   5  [cipher-aes cryptoloop]

You might want to try the 'magic installer' from 
http://www.kerneli.org/
I haven't tried it, but it looks promising. This is also the site, where
you can find further information.

If you want to patch it by yourself, the accordant patches are called:
'patch-int-2.4.xx'
'loop-jari-2.4.xx.patch'

These can be retrieved from
http://www.kernel.org/pub/linux/kernel/people/hvr/testing/

You might also want to look at pam_mount at:
http://freshmeat.net/releases/102327/
To mount the container-file transparently at login. I had to recompile
util-linux, because the debian 'mount' binary won't mount loopback
devices with encryption without prior initialisation via losetup.

I haven't tried to patch the kernel-sources distributed with debian, but
a plain kernel from http://www.kernel.org

> -- 
>   Jack O'Quin
>   Austin, Texas, USA
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
> 
-- 

"boredom is not a burden anyone should bear"

Reply to:

Follow-Ups:
- Re: Loopback file system encryption with kernel-source-2.4.19?
  - From: "Jack O'Quin" <joq@io.com>

References:
- Loopback file system encryption with kernel-source-2.4.19?
  - From: "Jack O'Quin" <joq@io.com>

Prev by Date: Re: What happened to plugger?
Next by Date: Re: making alsa work, ix86, als120, wine
Previous by thread: Loopback file system encryption with kernel-source-2.4.19?
Next by thread: Re: Loopback file system encryption with kernel-source-2.4.19?
Index(es):
- Date
- Thread