Re: [SLUG] file encryption

From: Eben King (eben1@tampabay.rr.com)
Date: Thu Dec 22 2005 - 15:52:06 EST

Next message: Richard Morgan: "Re: [SLUG] file encryption"
Previous message: chris lee: "Re: [SLUG] file encryption"
In reply to: Mike Branda: "[SLUG] file encryption"
Next in thread: Richard Morgan: "Re: [SLUG] file encryption"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Thu, 22 Dec 2005, Mike Branda wrote:

> So I have a few files that I need to encrypt somehow. I was wondering
> what tools others are using (without compromising secrets) and any
> suggestions on the encrypt/decrypt process. I know there was some
> discussion on storing the crypt key (not keeper) on a CF card or USB key
> a while back. I don't need to do a whole file system. just a file, or a
> folder or 3.

What I've done in the past is to create a file full of zeroes with dd (big
enough to hold your encrypted data), use losetup to attach it to a loop
device, then mkfs the loop device. The encryption is specified by this
losetup option:

-e encryption
enable data encryption. The following keywords are recognized:

         NONE use no encryption (default).
         XOR use a simple XOR encryption.
         DES use DES encryption. DES encryption is only available if
                the optional DES package has been added to the kernel.
                DES encryption uses an additional start value that is
                used to protect passwords against dictionary attacks.

You may need to roll your own kernel.

Once a filesystem is laid down, the file can be mounted in the normal
fashion:

One further possible type is a mount via the loop device. For example,
the command

mount /tmp/fdimage /mnt -t msdos -o loop=/dev/loop3,blocksize=1024

  will set up the loop device /dev/loop3 to correspond to the file
  /tmp/fdimage, and then mount this device on /mnt. This type of mount
  knows about three options, namely loop, offset and encryption, that are
  really options to losetup(8).

I haven't done that in a while, so I may have left out a step. Also, that's
not really what you asked for, but that's all I can offer. Well, I know of
password-protected Zip archives, but I believe there are easy ways to defeat
that.

-- I firmly believed we should not march into Baghdad ...To occupy Iraq would instantly shatter our coalition, turning the whole Arab world against us and make a broken tyrant, into a latter-day Arab hero assigning young soldiers to a fruitless hunt for a securely entrenched dictator [.] - George Bush Sr.

----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.

Next message: Richard Morgan: "Re: [SLUG] file encryption"
Previous message: chris lee: "Re: [SLUG] file encryption"
In reply to: Mike Branda: "[SLUG] file encryption"
Next in thread: Richard Morgan: "Re: [SLUG] file encryption"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:07:00 EDT