Tip of the day: Creating an encrypted filesystem

I’ve been trying to create an encrypted filesystem for quite some time now, I’ve not been able to do it since I’ve not known exactly what to look for.

Thing is, an encrypted filesystem (in Linux atleast) is not a filesystem like ext3, reiserfs etc. Rather, its a lower level mapping that creates an encrypted device on which we can create a filesystem of our choice.

I’m writing this because I found it hard to come across this tutorial, and even then its not as hard as it appears to be. This tutorial may be specific to Ubuntu.

Anyway, first create some free space (I had about 433 MB) and then create a partition on it (you don’t need to format it).

Do these as root:
Step 1. modprobe dm-crypt
Step 2. sudo cryptsetup -c aes -h ripemd160 -b `sudo blockdev --getsize $DEV` create cryptvol1 $DEV

Replace $DEV with the device of your choice.. in my case /dev/sda8. It will ask you for your password. You might want to add a “-y” for it to ask for a password confirmation. This creates the encrypted device, with its unencrypted version on /dev/mapper/cryptvol1.

Well then:
Step 3. mkfs.ext3 /dev/mapper/cryptvol1
Step 4. mount /dev/mapper/cryptvol1 /my/favourite/mountpoint

Next time you need to use the partition, you will need to do each step, excluding, of course, Step 3. To simplify things for myself I use a script.

So what do I use it for? Currently for credit card and banking passwords which cannot be stored reliably anywhere else.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: