On Tue, May 08, 2012 at 06:05:30PM -0400, .. ink .. wrote: > > first, let me say that you are horribly abusing cryptsetup here, > > with, I am sure, all kinds of repercussions that will come to haunt > > you. That said... > > > > can you expand on this? It seem the most logical step to take after what i > already have. > zulucrypt can create encrypted volumes in files,same as truecrypt. It first > creates a file,put a file system in it and then encrypt the file. how does > truecrypt create encrypted volumes in files? > > All i seem to be doing is skipping a step,the file system creation step. Ah. But that is competely different from encrypting a file with GnuPG. If you encrypt a file with GnuPG, you cannot change any part without all later blocks becomming unreadable. That is what the CFB mode used does. This is a massive gain in security, but of course completely unusable to encrypt anything that has a filesystem in it that is written to. If you just put an encrypted filesystem in a file, that is basically described in FAQ item 2.3. Is that what you are doing? But that is not file encryption. That is still filesystem encryption with all its limitations compared to file encryption, but the advantage that you can change sectors without influencing others. As to "static encrypted strings" in the second case, do not worry. The filesystem already puts plenty of them in there. In fact, trying a "mount" is a pretty reliable way of determining whether the right key was used in decryption. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- One of the painful things about our time is that those who feel certainty are stupid, and those with any imagination and understanding are filled with doubt and indecision. -- Bertrand Russell _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt