Re: Encrypted Filesystems
From: Foundation Linux (webmaster_at_foundationlinux.com)
Date: Sun, 23 Jan 2005 09:50:11 +0000 To: Tales Teixeira <firstname.lastname@example.org>
Tales Teixeira wrote:
>I'm studying about encrypted filesystems and i found a few of then. I
>would like to know more about this in operation systems like Linux
>Debian, Slackware and others "flavors". I'm sorry if this question had
>been answer, but i didn't find.
>Sorry for my "Brazilian english"
Encrypted filesystems in Linux are pretty much handled the same way in
all distributions. The loopback mechanism is used to associate a
virtual filesystem with a real filesystem, but filtering it thru a crypo
engine (or something else) first. Usually, the crypto hooks in the
Kernel must be activated and the algorithms you want to use selected
before it all will work.
LoopAES (http://sourceforge.net/projects/loop-aes/) is a very nice
package that implements the U.S. Advanced Encryption Standard as a
filesystem or swap (virtual memory) encryptor.
Traditional Linux FS encryption uses losetup
(http://linux.about.com/library/cmd/blcmdl8_losetup.htm) to set up the
loop and specify the algorithm. There are modifications (patches) to
allow it to use more than just DES. You will need the appropriate
patches for the mount command as well.
With Linux kernel 2.6 the cryptographic functions are integrated. You
can read more about the cryptoloop subsystem from the HOWTO
I hope this gets you started in the direction you wanted to go.