Re: hi...iam a student from nit warangal india plz help me in linux encrypted file system project...



On Tue, 27 Mar 2007 08:09:51 +0200, Matthias Fassl wrote:
<snip>

I am working in redhat linux version 2.4
<snip>

Do you know that "cryptographic features" already exist? File-System
independent?

<snip>

Cryptographic features have gone through quite a bit of evolution.
Hopefully, they will settle down now with the built-in support provided by
device mapper (see below.) I never used the CFS in the article you
referenced, but I did use cryptoloop, and now device mapper.

Device Mapper: The 2.6.x kernel supports encryption via device mapper's
dmcrypt module. Device mapper replaces cryptoloop. The OP may want to use
a more up-to-date distribution with support for the 2.6.x kernel. In
addition to kernel support, you probably want the tool cryptsetup from the
LUKS project. Other than that, you can add a fast and transparent
cryptographic "pipeline stage" just above the hardware device level. The
example below is an overview of how it works, AIUI:

Suppose /dev/hda7 is available and you would like to encrypt its future
contents. I will use the XFS on top of device mapper, because it is a
journaled filesystem with a good reputation.

To illustrate:
/dev/hda7 -> real partition
/dev/mapper/hda7 -> dmcrypt encryption associated with /dev/hda7

Use cryptsetup to make the association:
# cryptsetup -h plain -c aes256 create hda7 /dev/hda7

Format the encrypted device:
# mkfs.xfs /dev/mapper/hda7

Mount it:
# mount /dev/mapper/hda7 /mnt/hda7

Now, when you write to the object mounted, this occurs:

file write -> mount (/mnt/hda7) -> filesystem layer -> encryption via
dmcrypt -> physical write from device (/dev/hda7)

And when you read from the object mounted, this occurs:

file read <- mount (/mnt/hda7) <- filesystem layer <- decryption via
dmcrypt <- physical read from device (/dev/hda7)

This article has some good examples:
http://linuxgazette.net/114/kapil.html

Follow along and practice with some of the examples. Use caution if
working as the root user and directly with partitions, or use a disposable
system for practice sessions.

--
Douglas Mayne
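Added example, not part of the post above: a practice version of the same steps on a loop-backed file instead of a real partition, with a check that a marker written through the mount cannot be read from the raw backing file. The image path, mapping name, mount point, marker string, and the current `cryptsetup open --type plain` syntax with an aes-xts-plain64 cipher spec are assumptions of this example; it needs root.

```shell
#!/bin/sh
# Added practice sketch (not from the post): dm-crypt on a loop-backed file.
# IMG, NAME, MNT and MARKER are assumed, constructed values. Needs root.
IMG=${IMG:-/tmp/dmcrypt-practice.img}   # stands in for /dev/hda7
NAME=${NAME:-practice}                  # becomes /dev/mapper/practice
MNT=${MNT:-/mnt/practice}
MARKER="dmcrypt-practice-marker-0001"   # constructed test string

# Echo each command; skip execution when DRY_RUN is set.
run() { echo "+ $*"; [ -n "${DRY_RUN:-}" ] || "$@"; }

# True (0) if the marker ($2) is readable as plaintext in the raw file ($1).
leaks_plaintext() { grep -a -q -F -- "$2" "$1"; }

setup() {
    run truncate -s 512M "$IMG" || return 1
    if [ -n "${DRY_RUN:-}" ]; then LOOP=/dev/loopN
    else LOOP=$(losetup --find --show "$IMG") || return 1; fi
    # Plain mode as in the post: no header on disk, key derived from the
    # passphrase typed at the prompt. Cipher spec is this example's choice.
    run cryptsetup open --type plain --cipher aes-xts-plain64 \
        --key-size 256 --hash sha256 "$LOOP" "$NAME" || return 1
    run mkfs.xfs "/dev/mapper/$NAME" || return 1
    run mkdir -p "$MNT" || return 1
    run mount "/dev/mapper/$NAME" "$MNT"
}

# Write through the mount, then look for the marker below the dm-crypt layer.
verify() {
    echo "$MARKER" > "$MNT/marker.txt" && sync
    grep -q -F -- "$MARKER" "$MNT/marker.txt" || return 1   # readable via mount
    if leaks_plaintext "$IMG" "$MARKER"; then
        echo "FAIL: marker visible in $IMG"; return 1
    fi
    echo "OK: marker readable via $MNT, absent from raw $IMG"
}

teardown() {
    run umount "$MNT"
    run cryptsetup close "$NAME"
    [ -n "${DRY_RUN:-}" ] || losetup -d "$(losetup -j "$IMG" | cut -d: -f1)"
}

case "${1:-}" in
    up) setup ;; verify) verify ;; down) teardown ;;
esac
```

Run it as `up`, `verify`, then `down`; setting `DRY_RUN=1` prints the commands without executing them.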