[lug] changes in encryption
D. Stimits
stimits at comcast.net
Wed Sep 5 19:50:38 MDT 2007
D. Stimits wrote:
> Steve Sullivan wrote:
>> Is it simply an encrypted file or is it an encrypted file system?
>> If it's just a file, you might try ccrypt, an aes implementation:
>> http://ccrypt.sourceforge.net/
>>
> Hmm, looks like a useful utility. Unfortunately, it's encrypted ext2.
> Might be interested to try to use the output piped to dd and see if
> the result is usable (not likely, but I think I'll try just for fun).
>
> It looks like losetup probably has to be replaced, and the kernel have
> modifications if I want to loopback mount as is. I might have to
> reload an older system under something like xen.
Well, once again to answer my own question. It turns out that the
loopback has not changed. What has changed is the additional 64 bit
kernel module that is not required in 32 bit. So once the right kernel
modules are loaded, including the 64 bit aes, everything just works.
Docs do say though that this loopback system is going away in the
future, so I'm curious if anyone here can give their thought on how
easy/difficult dm-crypt management is compared to loopback? I'm not so
sure that dm-crypt can be as flexible, it sounds like it requires a
partition or volume to act on, versus loopback's ability to work on a file.
D. Stimits, stimits AT comcast DOT net
More information about the LUG
mailing list