Results 1 to 5 of 5

Thread: The Linux File System Encryption API

  1. #1
    Join Date
    Sep 2010
    Posts
    15

    The Linux File System Encryption API

    Let me tell you that I am here to clear some doubts regarding File System Encryption API in Linux. I know that the Linux System is famous for security of the network access & the users management. Now the main question arises for me, is there any way to secure the Linux local file system? Also I just know (blurry) that loop device has to so something with it.!? I am not sure but just want to confirm. Please provide some more details about these queries. Any other information related to File System Encryption API would be helpful.

  2. #2
    Join Date
    Feb 2010
    Posts
    131

    Re: The Linux File System Encryption API

    Now the main question arises for me, is there any way to secure the Linux local file system?
    The answer is Yes!! From the core Linux version 2.4.22, Linux has been added the support of the encrypt local Linux file system, called Scatter list Cryptographic API which is coming together with the newly Linux kernel version 2.5/2.6. To use this API to encrypt a local linux file system, it need another thing called loop device. Also you will have to note that two versions of it exits the "Cryptographic API". The early one as the patch of the Linux kernel 2.2 and 2.4; The latest one has been sincere Added the Linux kernel 2.5/2.6, and it first show up with the version is 2.4.22.

  3. #3
    Join Date
    Feb 2010
    Posts
    182

    Re: The Linux File System Encryption API

    The linux loop device can be used to handle this - it makes a file look like a file system, and the file can be defined as a byte offset from the beginning of a primary partition. Yes, the loop device can be added the encryption function and then we write data into it. So, we can convert an encrypted file into a loop device, and then we mount this loop device, just like DVD disk to mount to the local file system. And know that we should not only the content of the file is encrypted, goal FHS information, the name of the file, the permission of this file and so on .... Cryptoloop is the software by means of the cryptographic API and it suggests the support to the exiting different encryption algorithm, like the aes, des, bolwfish, twofish, and serpent, which are integrated by the scatter list cryptographic API.

  4. #4
    Join Date
    Feb 2010
    Posts
    148

    Re: The Linux File System Encryption API

    For the Linux system users whose using the original Linux kernel 2.4.22 before the release, it is not possible to encrypt a file on the local file system, or the local file system, or a hard disk, or event the swap of the Linux system. So, it needs to make a patch to Linux kernel their encryption function to add this to the Linux kernel. For the Linux kernel version 2.4, it is the following need to do work:
    • The Linux kernel source 2.4.22
    • The Cryptoloop patch to the Linux system (two options: patch-2.4.22.0-cryptoloop, gold patch cryptoloop-hvr-2.4.22.0)

    For the Linux kernel version 2.6, it is originally it stable and supported the cryptographic API, tea crypto loop & the IPSec device, so, no need to patch any more.

  5. #5
    Join Date
    Feb 2010
    Posts
    207

    Re: The Linux File System Encryption API

    Now we are going to setup an encrypted file system for a user private use, and this encrypted file system is "under the home directory of this user. We can use another file system structure to be stand of the encrypted in user's home directory, like "/ crypt / users", which contains both the encryption container each & the user's encrypted file system. The followings are commands to show you how to create encryption container annually, for that you will have to define the path and the parameters encryption, and we give a name to the file which will be the container of the encrypted file system.
    Code:
    // Choose one From The available loop devices, and Number is Between 0 and 7 
      LOOP # = / dev/loop0 
      // Location of the Point The mount point encryption 
      MOUNTPOINT # = $ HOME / crypt 
      // The Name Of The encrypted file Which Contains the encrypted file system 
      # Container = $ MOUNTPOINT /.crypt.img 
      // Define the encryption algorithm, here we use AES 
      CYPHER # = aes 
      // Set The offset 
      # Read Sector 
      OFFSET = # $ (*Sector $ 512) 
      // Get the Size of the container (Mb) 
      # Read SIZE
    The Creation Of The Container Encryption:
    Code:
    // Just remember not to use the Directory / dev / zero For the encryption container 
      # Mkdir-p $ MOUNTPOINT 
      # Dd if = / dev / urandom of = $ bs = 2M CONTAINER count = $ SIZE 
      # Chmod 600 $ container
    Turn o the encryption system, at this step, the System will ask you to choose a password encrypted file system.
    Code:
    // Add The modules into memory, The system running kernel 
      # Modprobe loop 
      # Modprobe Cryptoloop 
      # Modprobe aes 
      // The force of Cryptoloop daemon, and Give the password 
      # / Usr / loca / sbin / losetup-e-CYPHER $ $ o $ OFFSET $ LOOP CONTAINER 
      // If you want to Get the configuration information about the loop devices, you can do it like this: 
      # / Usr / local / sbin / losetup $ LOOP
    Lastly initialization of the encryption.

Similar Threads

  1. which one is the best file system for linux?
    By Schulz in forum Operating Systems
    Replies: 5
    Last Post: 07-05-2011, 07:46 AM
  2. What is a Journaling file system in Linux?
    By Tuhina in forum Software Development
    Replies: 7
    Last Post: 28-02-2011, 08:42 PM
  3. Best Linux File System of All
    By Pakhi in forum Software Development
    Replies: 8
    Last Post: 28-02-2011, 08:41 PM
  4. Complete Linux File System
    By spookshow in forum Guides & Tutorials
    Replies: 2
    Last Post: 07-01-2011, 05:23 AM
  5. File system for Linux
    By shivinder in forum Operating Systems
    Replies: 4
    Last Post: 08-11-2008, 01:14 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,648,955.86002 seconds with 17 queries