[NBLUG/talk] Crypt Filesystems
Walter Hansen
gandalf at sonic.net
Sun Jul 30 14:44:01 PDT 2006
Lincoln Peters wrote:
> On Jul 30, 2006, at 12:40 AM, Jacob Appelbaum wrote:
>> Hrm. That's a shame. I don't suggest you recompile your kernel for this
>> as it's not needed. Loop-aes is only a patch to the loop module and thus
>> it's not required to recompile anything unless the loop device is
>> compiled in (which it's not by default in debian).
>
> Why not use dm-crypt? You'd get the same results while eliminating the
> overhead of a loopback filesystem. I can't see any advantage to
> loop-aes (or any sort of cryptoloop) unless you're trying to encrypt
> something that can't be written to the same way as a standard block
> device (e.g. a CD or DVD).
>
> I don't know if a kernel recompile would be needed to support dm-crypt
> on Debian, as I have not used the stock kernels in Debian (i.e. I've
> built my own) for years. You probably wouldn't, though, as the
> userspace tools for managing dm-crypt are available in the apt
> repository, and I would be surprised if they're available but the
> dm-crypt module itself isn't.
I did try a dm-crypt install friday night, but it did not go. Looks like
device-mapper drivers are missing from the kernel. So likely that method
would requre a re-compile also.
I don't have a fear of compiling a custom kernel, but I'm running a
debian sarge amd 64 kernel and I'm concerned that this would mess up how
the apt-get works for some reason. Also I'm not at all sure what the
debian way for compiling a kernel (and a pretty custom one [64bit]) goes.
More information about the talk
mailing list