Error correction with aes-looback / cryptoloop?
William Park
opengeometry-FFYn/CNdgSA at public.gmane.org
Thu Feb 28 03:02:12 UTC 2008
On Tue, Feb 26, 2008 at 09:49:10PM -0500, Mike Oliver wrote:
> I have a laptop on which I would like to put my
> $HOME directory on an encrypted partition, in case
> someone were to steal it in an airport or something.
> I've been experimenting with using an encrypted
> loop device using the cryptoloop module and AES128
> encryption.
>
> It seems to work fine, but I'm not so happy about the
> thought that a one-bit HDD error could make me lose the
> entire partition. I was wondering if anyone knows whether
> any of the available encryption options use error
> correction, so as to greatly mitigate this possibility?
> I would happily accept a 10% file size increase for
> this purpose.
I found that 'dm-crypt' and 'EncFS' are two easiest methods. 'dm-crypt'
does block encryption (ie. disk partition), and 'EncFS' does files
encryption (ie. directory tree).
Since you want to encrypt the entire "home" partition, try 'dm-crypt'.
It sits at the same level as raid. You need 'cryptsetup' package, which
automatically loads all the necessary kernel modules for you. Usage
would go something like
cryptsetup create home /dev/hda4
mke2fs -j /dev/mapper/home
mount /dev/mapper/home /home
umount /home
cryptsetup remove home
--
William Park <opengeometry-FFYn/CNdgSA at public.gmane.org>, Toronto, Canada
BashDiff: Super Bash shell
http://freshmeat.net/projects/bashdiff/
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list