File To A Loop Device example essay topic
9... : ENCRYPTING: . I'll outline how to create encrypted containers and drives using the loop back file system support and file encryption via. [- = ] Containers [ = -] This is essentially creating a file system within a file and mounting it as a device.
Containers vastly decrease the tedious task of individually encrypting files since you simply move your files into the mount point and then un mount and they nicely encrypted. First, you need to create a blank file using the dd command. dd if = /dev / u random of = crypto. i mg bs = 1 M count = 50- The first parameter uses the / dev / u random device to create the file with random data to make it more difficult to distinguish between free space and encrypted data. The / dev / zero device can be used but is not advised. - The second parameter of = crypto. i mg defines the name to be given to the file and this can be changed to suit your preference.
- The third parameter bs = 1 M instructs the dd command to create the file in 1 MB blocks. I recommend you leave this value as 1 M- The final parameter defines the size of the file in relation to the bs parameter. Since bs = 1 M and count = 50 the file will be 50 MB hence changing the count value to 100 would yield a 100 MB file and so on. It is worth mentioning that the file can be resized once created this will be explained in the appendix. Second, the file must be associated to a loop device and encrypted. lo setup -e aes 256 /dev / loop 0 crypto. i mg- The parameter -e aes 256 at the beginning instructs lo setup on which cipher to use. The cipher type is dependent on what your kernel supports.
In this example the AES 256 bit cipher is used but you can use other cipher types such as blowfish interchangeably. - The second parameter / dev / loop 0 is the device to which we bind the file too. Binding the file will allow us to format the file with file system. - The final parameter specifies which file to bind to the loop device. Third, format the file with a file system and detach from loop device. mks -t ext 2 /dev / loop 0- The first parameter -t ext 2 instructs mks to format the file with the ext 2 file system.
This is recommended as it allows you to resize the file if need be. - The last parameter points toward the / dev / loop 0 device on which the file was bound. lo setup -d / dev / loop 0- This command detaches and frees the / dev / loop 0 device. Fourth, mounting your encrypted file system. mount -o encryption = aes 256 crypto. i mg crypto home- Using the mount the command the first parameter to be entered is encryption = aes 256 which will tell the mount command which cipher to use. The value must be the cipher which you used to encrypt the file.
- The second parameter specifies location of file to mount. - The third parameter designates the folder on which to mount the file. Once mounted you can move files into the mount point and create files within it and when you are done simply un mount the file. [- = ] Drives [ = -] First, assuming you for mated your drive bind the drive to a loop back device. lo setup -e aes 256 /dev / loop 0 /dev / sda 1- The parameter -e aes 256 at the beginning instructs lo setup on which cipher to use.
- The second parameter / dev / loop 0 is the device to which we bind the drive too. Binding the drive will allow us to format the file with file system. - The final parameter specifies which drive to bind to the loop device in this case / dev / sda 1 which most likely can be your USB flash drive. Third, detach from loop device. lo setup -d / dev / loop 0- This command detaches and frees the / dev / loop 0 device. Fourth, mounting your encrypted drive. mount -o encryption = aes 256 /dev / sda 1 crypto home- Using the mount the command the first parameter to be entered is encryption = aes 256 which will tell the mount command which cipher to use. The value must be the cipher which you used to encrypt the device.
- The second parameter specifies location of drive to mount. - The third parameter designates the folder on which to mount the drive. Once mounted you can move files into the mount point and create files within it and when you are done simply un mount the drive. [- = ] Files [ = -] Openssl is an excellent program to use to encrypt individual files with a wide assortment of cipher choices.
To encrypt a file its a simple matter of choosing a cipher and choosing a file to insert and output. enc -aes-256-cbc -salt -in password. txt -out password. txt. enc- The first part enc -aes-256-cbc -salt encrypts the file with the -aes-256-cbc cipher. For a complete list of cipher consult help using the -h command. - The last part specifies what the input file is and what to output it as. -in password. txt inputs the password. txt file and -out password. txt. enc outputs at password. txt. enc. (This is a rather redundant explanation but oh well) Now to decrypt a file. enc -d -aes-256-cbc -in password. txt. enc -out password. txt- The enc -d -aes-256-cbc part of the command specifies which cipher to use for decryption. - The -in password. txt parameter specifies which file to decrypt. - The final parameter instructs to output the decryption into a file.
This parameter can omitted and the file will be decrypted... : APPENDIX: . [- = ] Resizing containers [ = -] If you formatted your container with the ext 2 file system you can resize it with the ext 2 resize app. First, increase the size of the container. In this example the file acting as the encrypted container is called crypto. i mg and its size is incremented by 20 MB. dd if = /dev / u random bs = 1 M count = 20 crypto. i mg- The of = parameter is omitted and instead is used at the end of the command to append 20 MB to the crypto. i mg file.
Second, bind the file to a loop device. lo setup -e aes 256 /dev / loop 0 crypto. img Third, extend the ext 2 file system within the container. ext 2 resize / dev / loop 0 That is all that's needed to resize your encrypted container.