Brian Epstein on 4 Feb 2006 13:40:54 -0000



Re: [PLUG] /proc/crypto/cipher


On Thu, 2 Feb 2006, Greg Lopp wrote:

> I have an installer that appears to mount a crypto'd loopback image. It asks me for a password and then, according to strace, tries to access /proc/crypto/cipher.

What kernel are you running on? I think /proc/crypto/cipher has been replaced in later versions of the kernel. Here is the process I use to mount an encrypted loopback image.


I am running a 2.6.11 kernel. First, I make sure that the cryptoloop and blowfish modules are loaded (I use blowfish). You can see which algorithms are available by looking in the following directory:

	$ ls /lib/modules/`uname -r`/kernel/crypto
	anubis.ko    cast6.ko        des.ko     michael_mic.ko  tea.ko
	arc4.ko      crc32c.ko       khazad.ko  serpent.ko      twofish.ko
	blowfish.ko  crypto_null.ko  md4.ko     sha256.ko       wp512.ko
	cast5.ko     deflate.ko      md5.ko     sha512.ko
	$

You need to know which algorithm is being used in your image in order to mount it.

Next, check and make sure that the modules really loaded:

	$ lsmod | egrep -e "blowfish|cryptoloop"
	blowfish               12353  0
	cryptoloop              7361  0
	loop                   19401  1 cryptoloop
	$

Now, set up your loopback device:

	$ su
	# losetup -e blowfish /dev/loop1 /path/to/file.img
	Password:
	#

Now, mount it up.

	# mount /dev/loop1 /path/to/mountpoint

When you are done with it, make sure to unmount and destroy the loopback adapter.

	# umount /path/to/mountpoint
	# losetup -d /dev/loop1

As an aside, if you are creating a new image, make sure to fill it with random data. For example, if you want a 10meg encrypted partition, use this process.

	$ su
	# dd if=/dev/urandom of=/path/to/file.img bs=1024 count=10240
	10240+0 records in
	10240+0 records out
	# losetup -e blowfish /dev/loop1 /path/to/file.img
	Password: enternewpasswordhere

	# mkfs.ext3 /dev/loop1
	mke2fs 1.38 (30-Jun-2005)
	...
	# mount /dev/loop1 /path/to/mountpoint

Now interact with /path/to/mountpoint as if it were any other normal path.

Remember, the password that you set above is the one and only password for this encrypted filesystem. You only get to set it once, so be careful. I would suggest practicing mounting and umounting before putting important files in there. If you forget the password, or fat-finger it when you created the device, the data inside will be useless junk (as expected).

In order to change the password, you will have to create another crypted loop device and copy all the files over. So, make sure it is a really good password. It is quite a pain to move the files around.

Lemme know if you need help,
ep

--
Brian Epstein <ep@epiary.org>
Key fingerprint = F9C8 A715 933E 6A64 C220  482B 02CF B6C8 DB7F 41B4
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
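
The module check described in the message above can be complemented by asking the kernel crypto API itself, which 2.6 kernels expose as the single file /proc/crypto. The following is an added example, not part of the original post: `cipher_info` and `write_sample` are hypothetical helper names, the sample listing is constructed, and the "key : value" record layout it parses is an assumption about the running kernel.

```shell
#!/bin/sh
# Added example. The /proc/crypto field layout is assumed, the sample is constructed.

# write_sample: emit a constructed /proc/crypto-style listing for offline runs.
write_sample() {
    cat <<'EOF'
name         : blowfish
module       : blowfish
type         : cipher
blocksize    : 8
min keysize  : 4
max keysize  : 56

name         : sha256
module       : sha256
type         : digest
blocksize    : 64
digestsize   : 32
EOF
}

# cipher_info NAME [FILE]
# Print "module blocksize min-keysize max-keysize" and return 0 if NAME is
# registered with type "cipher"; print nothing and return non-zero otherwise.
cipher_info() {
    awk -v want="$1" '
        BEGIN { RS = ""; FS = "\n" }   # one blank-line-separated record per algorithm
        {
            split("", f)               # clear fields left from the previous record
            for (i = 1; i <= NF; i++) {
                pos = index($i, ":")
                if (pos == 0) continue
                key = substr($i, 1, pos - 1); val = substr($i, pos + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", key)
                gsub(/^[ \t]+|[ \t]+$/, "", val)
                f[key] = val
            }
            if (f["name"] == want && f["type"] == "cipher") {
                print f["module"], f["blocksize"], f["min keysize"], f["max keysize"]
                found = 1
                exit
            }
        }
        END { exit !found }
    ' "${2:-/proc/crypto}"
}

# Demo against the constructed sample; omit the file argument to read /proc/crypto.
sample=$(mktemp); write_sample > "$sample"
for c in blowfish sha256 aes; do
    if info=$(cipher_info "$c" "$sample"); then echo "$c: cipher ($info)"
    else echo "$c: not registered as a cipher"; fi
done
rm -f "$sample"
```

A digest such as sha256 is deliberately rejected, since only entries of type cipher can encrypt a loop device.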