

Cryptoloop HOWTO

Ralf Hölzer

2004-01-15

Revision History
Revision 1.2    2004-03-12    Revised by: rh
Added information on dm-crypt, updated loop-AES info, added more info on security
Revision 1.1    2004-01-24    Revised by: rh
Updated information on patching util-linux, Loop-AES, Best Crypt
Revision 1.0    2004-01-17    Revised by: rh
Initial release, reviewed by TM at LDP.
Revision v0.9    2004-01-15    Revised by: rh
Updated and converted to DocBook XML.

This document explains how to create encrypted file systems using the Cryptoloop functionality. Cryptoloop is part of the CryptoAPI in the 2.6 Linux kernel series.


1. About this document

This HOWTO describes how to use the Cryptoloop loop device encryption in the 2.6 Linux kernel series. Cryptoloop makes it possible to create encrypted file systems within a partition or another file in the file system. These encrypted files can then be moved to a CD, DVD, USB memory stick, etc. Cryptoloop makes use of the loop device. This device is a pseudo-device which serves as a "loop" through which each call to the file system has to pass. This way, data can be processed in order to encrypt and decrypt it. Since kernel 2.6, the Crypto API has been integrated into the main kernel, and setting up an encrypted file system has become much easier. No additional kernel patches are required. An update of some userspace utilities is necessary. Unfortunately, the use of Cryptoloop is not very well documented so far. This HOWTO is an attempt to make it easy for everyone to create an encrypted file system using the standard Cryptoloop functionality. Cryptoloop is based on the Crypto API in the 2.6 Linux kernel. It should not be confused with Loop-AES, which is a completely separate project. Cryptoloop is similar to the Crypto API that was available as a separate patch for the 2.4 kernel series. The new version is not compatible with the older one.

1.1. Copyright and License

This document, Cryptoloop HOWTO, is copyrighted © 2004 by Ralf Hölzer. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of the license is available at http://www.gnu.org/copyleft/fdl.html.

Linux is a registered trademark of Linus Torvalds.

1.2. Disclaimer

No liability for the contents of this document can be accepted. Use the concepts, examples and information at your own risk. There may be errors and inaccuracies that could be damaging to your system. Proceed with caution, and although this is highly unlikely, the author(s) do not take any responsibility.

All copyrights are held by their respective owners, unless specifically noted otherwise. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark. Naming of particular products or brands should not be seen as endorsements.

1.3. Credits / Contributors

I'd like to thank the following people who helped me improve this HOWTO:

  • Dennis Kaledin

  • Binh Nguyen

  • David Lawyer

  • Tabatha Marshall

  • Kian Spongsveen

1.4. Feedback

Feedback is most certainly welcome for this document. Send your additions, comments and criticisms to the following email address : .

