Re: Encrypted Filesystems
From: Harald Eder (admin_at_eder-harald.com)
To: email@example.com Date: Mon, 24 Jan 2005 19:48:29 +0100
On Saturday, 22. January 2005 02:33 Joachim Schipper wrote:
> On Wed, Jan 19, 2005 at 08:11:55PM -0300, Tales Teixeira wrote:
> > Dear sirs,
> > I'm studying about encrypted filesystems and i found a few of then. I
> > would like to know more about this in operation systems like Linux
> > Debian, Slackware and others "flavors". I'm sorry if this question had
> > been answer, but i didn't find.
> > Sorry for my "Brazilian english"
> > :-P
> > Best Regards,
> > Tales Teixeira.
> Dear Tales,
> I'd recommend using loop-aes (aesloop) myself; I just set it up. It
> really isn't too difficult, but do make backups first (this goes for all
> Additionally, it is the most secure of the implementations, or so it
> seems from a little research. In particular, vanilla Linux ships with
> cryptoloop which isn't as secure as it should be (there isn't enough
> randomization involved, so it is possible to conduct some attacks based
> on presumed plaintext).
> A slight problem with loop-aes is that it isn't exactly fast, but that,
> again, goes for all the things involved.
> I can't really help with any specific distribution - my system is pretty
> much a homebrew. Patching the kernel and compiling everything from
> source isn't too difficult, though (not in comparison to something like
> PaX, anyway...). It is also possible to build a loadable module, though
> the kernel should not have CONFIG_BLK_DEV_LOOP enabled (neither built-in
> nor as a module), so you are quite likely to have to recompile a kernel
> I've seen mention of loop-aes packages in both Debian and Slackware
> Good luck!
here are some posts from gentoo forums, which you might find useful.
encrypted root and swap with loop-aes or gpg:
encrypted root with dm-crypt:
encrypted partitions using lvm on software raid: