[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Loopback file system encryption with kernel-source-2.4.19?

Haim Ashkenazi <haim@consonet.com> writes:

> After you recompile your kernel with encryption support, you might want
> to use this line in '/etc/fstab' instead of using sudo:
> "/home/haim/.crypto      /home/haim/crypto       ext2   
> defaults,exec,noauto,loop,encryption=AES128,user,exec 0 0"
> ofcourse it should be in one line. remember also to put "exec" after
> "user" if you want to be able to run executeables from this file system.

Thanks for the pointers, Haim.  It's all working now, except for the
key size.  I'm using aes with a 256-bit key.  

My /etc/fstab says:

  /home/joq/.crypto /home/joq/private ext2 defaults,noauto,loop,encryption=aes,user  0   0

This works fine, but the mount command asks for the key size every
time I do the mount.  Is there some way to automate that?  I tried
setting encryption=aes256, but then I get:

  The cipher does not exist, or a cipher module needs to be loaded into the kernel
  ioctl: LOOP_SET_STATUS: Invalid argument

I tried adding keybits=256, but it still asks for the key size.  The
Debian losetup *does* support "-k 256" on the command line.  Man
mount(1) mentions that keybits parameter under its "-o" options, but I
can't figure out how to make it work.

  Jack O'Quin
  Austin, Texas, USA

Reply to: