Gentoo Archives: gentoo-security

From: Sune Kloppenborg Jeppesen <jaervosz@g.o>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] Encrypting a user home folder on a laptop
Date: Sat, 16 Feb 2008 12:15:21
In Reply to: [gentoo-security] Encrypting a user home folder on a laptop by Randy Barlow
On Saturday 16 February 2008, Randy Barlow wrote:
> I am probably being paranoid, but I'd like to encrypt my /home/username > folder on my laptop. I tried EncFS using [1], but KDE didn't seem to > work under that setup because of the restriction that the filesystem > doesn't support hardlinks. So now I am playing around with [2]. The > only problem I have here is that it seems like I have to know in advance > what size I want to use for my home folder (I am using a file as a > loopback device rather than a partition, mostly because I already have a > system up and don't want to mess with resizing partitions). Is there > any way to resize the loopback device on the fly, or do you just have to > create a new one and copy the files into it every time you need to resize?
I have some old notes lying around about this. If you're working without partitions and using ext something like the following should work. Note it is not on the fly, but OTOH you don't have to start from scratch either. Unmount loopback device. Enlarge protected_file dd if=/dev/urandom bs=1024k count=10 >> protected_file Setup loopdevice losetup /dev/loop6 protected_file Setup the crypto device cryptsetup -y create testcrypt /dev/loop6 Now enlarge the filesystem fsck.ext2 -f /dev/mapper/testcrypt Though you should test it before running it on your home dir (and report back here)! HTH. -- Sune Kloppenborg Jeppesen Gentoo Linux Security Team -- gentoo-security@l.g.o mailing list