Re: Loopback file system encryption with kernel-source-2.4.19?
Haim Ashkenazi <email@example.com> writes:
> After you recompile your kernel with encryption support, you might want
> to use this line in '/etc/fstab' instead of using sudo:
> "/home/haim/.crypto /home/haim/crypto ext2
> defaults,exec,noauto,loop,encryption=AES128,user,exec 0 0"
> ofcourse it should be in one line. remember also to put "exec" after
> "user" if you want to be able to run executeables from this file system.
Thanks for the pointers, Haim. It's all working now, except for the
key size. I'm using aes with a 256-bit key.
My /etc/fstab says:
/home/joq/.crypto /home/joq/private ext2 defaults,noauto,loop,encryption=aes,user 0 0
This works fine, but the mount command asks for the key size every
time I do the mount. Is there some way to automate that? I tried
setting encryption=aes256, but then I get:
The cipher does not exist, or a cipher module needs to be loaded into the kernel
ioctl: LOOP_SET_STATUS: Invalid argument
I tried adding keybits=256, but it still asks for the key size. The
Debian losetup *does* support "-k 256" on the command line. Man
mount(1) mentions that keybits parameter under its "-o" options, but I
can't figure out how to make it work.
Austin, Texas, USA