Linux Encrypted Filesystem Using Loopback Filesystem

If you have a computer that is really important, you don’t want to blow away your OS on a regular basis after an experiment goes awry – This is perhaps the reason the loopback file system was born. With this handy tool, you can create an image file containing the file system of your choice, and mount it—leaving your “real” file system alone and safe. Here, I am trying to explain how to make file system more secure or encrypted in linux.

1. Make a Blank Image File

#if=/dev/zero of=/test/loopback_test bs=1M count=1K

2. Make a File System

We need to make the system think that the file is a block device instead of an ASCII file, so we use losetup, a utility that associates loop devices with regular files or block devices.

You will use the loopback device /dev/loop0

#losetup /dev/loop0 /test/loopback_test

Then format the file with an ext3 file system

#mkfs -t ext3 -q /test/loopback_test

3. Mount the Test File System

Your test file system is ready to go, except that you can’t do much with it until it is mounted on your system. Let’s start with a mount point, then

#mkdir /mnt/image

Now you can mount it,

#mount –o loop /test/loopback_test /mnt/image

After mounting the file system, look at it with the df command:

#df –h /mnt/image

If you are looking partiton encryption (dm-crypt), then you can try below method

#losetup /dev/loop0 empty
#cryptsetup --cipher aes create empty /dev/loop0

now enter your password
#mount /dev/mapper/empty /mnt

You can make more secure by making it read only

#cryptsetup --readonly --cipher aes create secure /dev/loop0

On this scenario, make sure to mount partition as read only

#mount -o ro /dev/mapper/secure /mnt

Bobbin Zachariah 8:59 pm

About Bobbin Zachariah

Founder of LinOxide, passionate lover of Linux and technology writer. Started his career in Linux / Opensource from 2000. Love traveling, blogging and listening music. Reach Bobbin Zachariah about me page and google plus page.

Author Archive Page

Have anything to say?

Your email address will not be published. Required fields are marked *

All comments are subject to moderation.