[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Loopback file system encryption with kernel-source-2.4.19?

On Thu, 2002-12-26 at 04:26, Jack O'Quin wrote:
> I managed to install cryptoapi-core-source from testing and build
> a 2.4.19 kernel with those modules (plus ALSA).  
> But losetup still fails:
>   sudo losetup -e blowfish /dev/loop0 ~/.crypto
>   Available keysizes (bits): 128 160 192 256 
>   Keysize: 256
>   Password :xxxxxxxxxxxxx
>   Password :xxxxxxxxxxxxx
>   The cipher does not exist, or a cipher module needs to be loaded into the kernel
>   ioctl: LOOP_SET_STATUS: Invalid argument
> I tried installing cryptoloop-source from testing.  But it only
> contains the following patches:
>   /usr/src/kernel-patches/all/loop-jari/loop-jari-2.2.20.gz
>   /usr/src/kernel-patches/all/loop-jari/loop-jari-2.4.18.gz
>   /usr/src/kernel-patches/all/loop-jari/loop-jari-2.4.16.gz
> Is this package still needed?  The /usr/share/doc files seem to
> indicate that it is.  So, how do I build a patch for 2.4.19?
> What am I missing, here?

Hi Jack,
to use filesystem encryption via the loopback-device, you need the
cryptoapi and the patch for the loopback device (eg. loop-jari).

You get 'ioctl: LOOP_SET_STATUS: Invalid argument' because the loop
device loaded in the kernel is not patched, build the loop device as
module, the 'right' one is called 'cryptoloop'.

The relevant modules from my lsmod output:
cipher-aes             21172   2 
cryptoloop              1708   2 
loop                   10032   4  [cryptoloop]
cryptoapi               3660   5  [cipher-aes cryptoloop]

You might want to try the 'magic installer' from 
I haven't tried it, but it looks promising. This is also the site, where
you can find further information.

If you want to patch it by yourself, the accordant patches are called:

These can be retrieved from

You might also want to look at pam_mount at:
To mount the container-file transparently at login. I had to recompile
util-linux, because the debian 'mount' binary won't mount loopback
devices with encryption without prior initialisation via losetup.

I haven't tried to patch the kernel-sources distributed with debian, but
a plain kernel from http://www.kernel.org

> -- 
>   Jack O'Quin
>   Austin, Texas, USA
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

"boredom is not a burden anyone should bear"

Reply to: