Dan Drake wrote: >On Wed, 16 Jul 2003 at 20:57 -0500, Mike Hicks wrote: > > >>I'm also interested in playing around with some of the crypto stuff in >>the kernel. >> >> > >Me too. I'm interesting in encrypting my home directory (or the partition >it resides on)...if anyone knows any links, post 'em. > >Dan > > Got this off of a free Linux Journal issue. Here's a quick example. Kernel needs CONFIG_CRYPTO, CONFIG_CRYPTOLOOP, and CONFIG_CIPHERS #Create file to store the filesystem image dd if=/dev/urandom of=encryptedfs.img bs=1M count=20 #Create a loopback interface using the AES cipher, this may need a password/key size depending on the cipher used losetup -e aes /dev/loop0 encryptedfs.img #mkfs mkfs -t ext2 /dev/loop0 #mount, this may need a password/key size depending on the cipher used mount -o loop,encryption=aec encryptedfs.img /home/user I recommend getting the issue (08/2003) as the article goes into much greater detail and shows how to automount on login. It also has a couple nice sections about NSA's SE Linux, and a quick list of OpenSSH tricks. It also mentions that the AES cipher is about 50% slower on the machine they used. It would be interesting to compare specs (cpu/hd/ram) and speeds with various ciphers and systems. Didn't find much for links with google, but here's a german site that basicly goes through the same steps here. (google translated) http://translate.google.com/translate?hl=en&sl=de&u=http://www.thomas-alfeld.de/frank/index.php%3Ffile%3Dmisc%252FCrypto%2BLoop&prev=/search%3Fq%3DCONFIG_CRYPTOLOOP%2Bhome%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26sa%3DG Enjoy Chris Frederick _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list