Boyd Waters wrote: > Stian B. Barmen wrote: > > dd if=/dev/hdb1 of=/dev/loop1 bs=64k conv=notrun > > > > I am not sure what the dd does, but it seems to do the encryption > > of the filesystem. Is this correct? > > The /dev/loop is performing the encryption of the filesystem. The "dd" > command simply blasts bytes from the "input file" (if) to the "output > file" (of), it does not know anything about encryption... > > The loop-aes documentation (which is excellent, by the way) instructs > you to download "aespipe" and use it to encrypt your system. I do not > think this is necessary; I think that a dd command like yours is sufficient. This statement of yours about aespipe is a little bit out of context. Direct 'dd' to and from loop devices work just fine... if you have a kernel that supports loop crypto. Loop-AES' README recommends use of userspace aespipe program with boot floppy or CDROM. Statically linked aespipe program works regardless of what kernel and C library user's boot floppy or CDROM happens to include. It even works with FreeBSD if someone is inclined to do things the hard way. If you look at older loop-AES versions, they had encrypted root instructions that used dd command directly on loop device. But to be able to do that, people had to compile loop.o module for their boot floppy or CDROM kernel. That wasn't always a painless exercise. Regards, Jari Ruusu <jari.ruusu@xxxxxxxxxx> - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
