On Fri, May 16, 2014 at 12:00 AM, .. ink .. <mhogomchungu@xxxxxxxxx> wrote:
On Thu, May 15, 2014 at 9:58 PM, Franz <169101@xxxxxxxxx> wrote:
Wow it works!! I cannot believe it was that easy. Also I was able to create a container called only test, without the .img extension to hidden the file among other files. Many thanks INK you are great!
You should know that LUKS header volume is partially open and hence its readily obvious the volume is a LUKS volumeand hence you arent hiding that much if anything. If you want to use LUKS while hiding the header, create the
volume with a detached header,info on how to do so is here: https://code.google.com/p/cryptsetup/wiki/Cryptsetup140
I do not get clearly the advantage of having the header separated from the container. If I have header and container together, you tell that anybody can easily find this is a LUKS container. They cannot open it but they know there is something hidden.
But isn't the same happening if container and header are separated? I suppose that as well they can easily find the header (OR NOT?). They cannot open the container, but they know there is something hidden. Yes they do not know WHERE it is hidden in this case, but how important is this if in any case they cannot open it?
Alternative to have a completely hidden volume while not using a detached header is to create a plain dm-crypt volume using cryptsetup.
And to make a 200 MB container?
That will be
dd if=/dev/urandom of=volume bs=1024 count=200000The formula is simple,volume size = block size(bs) * countJust start with bs =1024 and read for yourself "one kilo byte".
Then have "count=2" and then read for yourself "two kilo bytes" because now you will have bs=1024 count=2and both amounts to 2048(two kilobytes)From the above just start adding "zeros" to count while saying:
"twenty kilobytes""two hunded kilobytes""two megabytes""twenty megabytes""two hundred megabytes"
and stop when you have reached the desired size,get the idea? This is the thinking i usually use when creating image files using "dd" command.Well many thanks indeed INK good nightYou are welcome. If i can introduce myself to you, i am the developer of zuluCrypt. I started the project because i did not want
to use TrueCrypt simply because it didnt feel like a linux native solution and using cryptsetup from the terminal got really annoying really fast.I should also say i am not a cryptsetup developer, i just hang out here to keep track of a project i depend on.
With crypsetup,you can manage 3 different volumes, TrueCrypt volumes,LUKS volumes and PLAIN volumes.Each has a pro and associated cons. I wrote a "simple" comparison btw them in an article about zuluCrypt in the may issue of pclinuxos magazine,you can read the online version of the article here: http://pclosmag.com/html/Issues/201405/page10.html
Very interesting INK, and clear. Now I am sorry wrote did not trust zuluCrypt. These mail lists are dangerous: you never know who you are speaking with :-). Trust is the weak and strong point. I am getting older and cannot tell how many times my trust was misplaced with bad consequences, but at the same time all the best things I accomplished in life were based on trust. So...
Best
Franz
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
