Encryption File System Cryptsetup configuration

cryptsetup - setup cryptographic volumes for dm-crypt (including LUKS extension)
Test in Centos5.3



Normal cryptsetup (without luks)

dd if=/dev/zero of=/root/efsdata bs=1M count=100
losetup /dev/loop0 /root/efsdata

First , we create efs storage (100Mb in this sample) by using loopsetup. Actually if you have other device, such as USB /dev/sdb1 or DRBD /dev/drbd0, you can skip this part. You also can put losetup /dev/loop0 /root/efsdata in the startup /etc/rc.local

cryptsetup -y create efsdata /dev/loop0
mkfs.ext3 /dev/dev/mapper/efsdata
mkdir /mnt/efsdata

Make the first efs and password for /dev/loop0.
After mkfs, the efs /dev/mapper/efsdata will be created.
Create /mnt/efsdata for mounting.
This part only for first time creation of efs or you want change password to re-format efs.

cryptsetup remove efsdata
cryptsetup create efsdata /dev/loop0
mount /dev/mapper/efsdata /mnt/efsdata

It is Mounting commands. It is required for password input.
You can also use key file eg:
"cat /root/efs.key | cryptsetup create efsdata /dev/loop0"
You can make the mount-efs.sh script for this past

umount /mnt/efsdata
cryptsetup remove efsdata

It is UnMounting commands.
You can make the umount-efs.sh script for this past

P.S. (/dev/loop0 can be instead of other device).
P.S. If you input wrong password, you will get message "mount: you must specify the filesystem type" only while mounting.


Server is hosted by Alanstudio
Linux Operating System

Recommend screen resolution 1024 x 768 / IE / FireFox
Alan Studio © 2007 by Alan Cheung Hin Lun. All rights reserved.