-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Does anybody have any links/howtos on creating an encrypted file system using ext3? Basically I want to encrypt /home and be asked the password when I mount the file system. - -- Cheers, Chris Howells -- chris@chrishowells.co.uk, howells@kde.org Web: http://chrishowells.co.uk, PGP key: http://chrishowells.co.uk/pgp.txt KDE: http://www.koffice.org, http://edu.kde.org, http://usability.kde.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8p4+yF8Iu1zN5WiwRAkHBAKCoMSryEa1ZDBUwAPllzuSN7I/7WQCgm6Zy miZyxbYTiooLuoBaZbfrTME=rbPW -----END PGP SIGNATURE-----
commence Chris Howells quotation:> Does anybody have any links/howtos on creating an encrypted file > system using ext3? Basically I want to encrypt /home and be asked > the password when I mount the file system. > > I'm not really sure which kernel patches are required (I'm running > 2.4.17) and what the best algorithm is to use (I'm not bothered > about speed).I'm running 2.4.18 with the cryptoapi patches. Works great with 256-bit Blowfish. There's a cryptoapi HOWTO out there somewhere; Google should turn it up easily. I'm using a simple script with gnupg so that I can use decently-sized keys for the FSes. Odds are that you won't be able to remember sufficient text to get 256 bits of randomness; I know that I sure can't! It's slightly less convenient to use, but if someone is going to see me typing a passphrase, I'd rather it was one I can change easily rather than one that would require me to copy five gigs of data around the place. -- ///////////////// | | The spark of a pin <sneakums@zork.net> | (require 'gnu) | dropping, falling feather-like. \\\\\\\\\\\\\\\\\ | | There is too much noise.