1 |
On Saturday 16 February 2008, Randy Barlow wrote: |
2 |
> I am probably being paranoid, but I'd like to encrypt my /home/username |
3 |
> folder on my laptop. I tried EncFS using [1], but KDE didn't seem to |
4 |
> work under that setup because of the restriction that the filesystem |
5 |
> doesn't support hardlinks. So now I am playing around with [2]. The |
6 |
> only problem I have here is that it seems like I have to know in advance |
7 |
> what size I want to use for my home folder (I am using a file as a |
8 |
> loopback device rather than a partition, mostly because I already have a |
9 |
> system up and don't want to mess with resizing partitions). Is there |
10 |
> any way to resize the loopback device on the fly, or do you just have to |
11 |
> create a new one and copy the files into it every time you need to resize? |
12 |
I have some old notes lying around about this. |
13 |
|
14 |
If you're working without partitions and using ext something like the |
15 |
following should work. Note it is not on the fly, but OTOH you don't have to |
16 |
start from scratch either. |
17 |
|
18 |
Unmount loopback device. |
19 |
|
20 |
Enlarge protected_file |
21 |
dd if=/dev/urandom bs=1024k count=10 >> protected_file |
22 |
|
23 |
Setup loopdevice |
24 |
losetup /dev/loop6 protected_file |
25 |
|
26 |
Setup the crypto device |
27 |
cryptsetup -y create testcrypt /dev/loop6 |
28 |
|
29 |
Now enlarge the filesystem |
30 |
fsck.ext2 -f /dev/mapper/testcrypt |
31 |
|
32 |
Though you should test it before running it on your home dir (and report back |
33 |
here)! |
34 |
|
35 |
HTH. |
36 |
|
37 |
-- |
38 |
Sune Kloppenborg Jeppesen |
39 |
Gentoo Linux Security Team |
40 |
-- |
41 |
gentoo-security@l.g.o mailing list |