Question

10

How do I create an encrypted filesystem inside a file?

rated 0 times [ 10] [ 0] / answers: 1 / hits: 17924 / 2 Years ago, tue, march 22, 2022, 1:57:20

I've found this interesting tutorial on flossstuff blog.

It explains how to create an empty file, format it as ext4, and mount it as a device.

I'd like to know if it can be created as an encrypted ext4 file system.

I've tried using palimpsest (the disk utility found in System menu) to format the already created file system but it doesn't work as it detects the file system being used.

If I try to unmount the file system, that won't work either because it doesn't detect the device (since it's not a real device like a harddrive or a USB drive).

So my question is, is there an option to create the file system as encrypted from the beginning? I've used these commands:

Create an empty file 200Mb size:

dd if=/dev/zero of=/path/to/file bs=1M count=200

Make it ext4:

mkfs -t ext4 file

Mount it in a folder inside my home:

sudo mount -o loop file /path/to/mount_point

Is there any way the mkfs command can create an encrypted ext4 filesystem asking for a decryption password?

I'm planing to use this as a way to encrypt files inside Dropbox.

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

arkcker

Add To Favorites

Follow

Total Points: 296

Total Questions: 111

Total Answers: 104

Location: Nepal

Member since Tue, Sep 8, 2020

4 Years ago

arkcker questions

1 Why does Firefox Developer Edition shortcut opens in new icon?

Sat, May 22, 21, 16:19, 3 Years ago

1 No WIFI Adapter Found - ASUS

Tue, Aug 17, 21, 00:08, 3 Years ago

1 Which one is better WSL2 or USB booted Ubuntu?

Sun, May 14, 23, 01:04, 1 Year ago

1 How to launch application on startup

Wed, Nov 16, 22, 03:12, 1 Year ago

1 Can we clear memory cache in Ubuntu

Tue, Jun 1, 21, 01:29, 3 Years ago

View All

answered 2 Years ago earxcept · Accepted Answer

You can use cryptmount to encrypt a filesystem, also if the filesystem is on a file.

The cryptmount manual page has a very simple and detailed explanation that I report (modified) here, and it do mention explicitly a file based filesystem.

Step 1

Add an entry in /etc/cryptmount/cmtab, as follows:

mycrypt {

    dev=/media/data/mycrypt dir=/home/enzotib/mycrypt

    fstype=ext4 mountoptions=defaults cipher=twofish

    keyfile=/etc/cryptmount/mycrypt.key

    keyformat=builtin

}

where /media/data/mycrypt is the support file created by dd and /home/enzotib/mycrypt is the desired mountpoint.

Step 2

Generate a secret decryption key

sudo cryptmount --generate-key 32 mycrypt

Step 3

Execute the following command
```
sudo cryptmount --prepare mycrypt
```
you will then be asked for the password used when setting up the key

Step 4

Create the filesystem
```
sudo mkfs.ext4 /dev/mapper/mycrypt
```

Step 5

Execute
```
sudo cryptmount --release mycrypt
```

Step 6

Now mount the filesystem

mkdir /home/enzotib/mycrypt

cryptmount -m mycrypt

then unmount it

cryptmount -u mycrypt

Also, if you need to crypt a directory, encfs may be worth to take into consideration.