Linux: use a file as an encrypted partition with cryptsetup
I’ve decided to move my encrypted /home partition from losetup to cryptsetup.
Instead of using a device (a disk partition) i used a 1o GB file and to do this i’ve upgraded cryptsetup to version 1.3.1 since Slackware 13.37 has the 1.2.0 one.
I just compiled the new version using the 1.2.0 SlackBuild, it works.
I’m following the README_CRYPT.TXT Slackware howto.
First, let’s create the crypted file that will “host” our new /home:
dd if=/dev/urandom of=/crypt_home bs=1M count=10000
Now prepare the partition for encryption (choose a good password!):
cryptsetup -s 256 -y luksFormat /crypt_home WARNING! ======== This will overwrite data on /crypt_home irrevocably. Are you sure? (Type uppercase yes): YES Enter LUKS passphrase: Verify passphrase:
We’ll call our mapped device “crypthome”, just like in the Slackware howto:
cryptsetup luksOpen /crypt_home crypthome
Create an ext4 filesystem (just for example):
mkfs.ext4 -j /dev/mapper/crypthome
I’ve add in my /etc/rc.d/rc.local:
echo "MOUNTING CRYPTED HOME.." cryptsetup luksOpen /crypt_home crypthome mount /dev/mapper/crypthome /home/simplex