Creating and Using a Linux File Containing an AES Encrypted Filesystem

Content created on March 27, 2006 Craig Van Degrift

This document describes the step-by-step process that allows the creation of a special file, here named secrets, containing an AES encrypted filesystem. When mounted using a password, secrets can be accessed like any mounted device. Directories and files may be created, read, modified, and deleted by the owner of secrets. When not mounted, secrets looks like a file of nearly random bits that are, for all practical purposes, undecipherable.

References:

The following three HOWTO's are useful but were written before the 2.6 Linux kernel was released. You cannot take their information literally since many kernel-related names and methods have since changed.

Man pages that describe the most important tools used here are:

Making sure kernel has necessary capabilities

Linux makes it very easy to make a partition or even a file automatically encrypt or compress its contents. These notes show how to create a file that can be used as a filesystem to contain encrypted files. The kernel needs the following special capabilities either as modules or built-in:

The compressed file /proc/config.gz allows you to determine exactly what capabilities are included in your kernel and which are available as modules. We are interested in the loop, cryptoloop and aes capabilities which we can check by doing:

$ sudo grep "CRYPT\|LOOP" /boot/config-2.6.20-16-generic
CONFIG_IEEE80211_CRYPT_WEP=m
CONFIG_IEEE80211_CRYPT_CCMP=m
CONFIG_IEEE80211_CRYPT_TKIP=m
CONFIG_BLK_DEV_LOOP=m
CONFIG_BLK_DEV_CRYPTOLOOP=m
CONFIG_DM_CRYPT=m
CONFIG_BLK_DEV_CLOOP=m
CONFIG_ECRYPT_FS=m
CONFIG_CRYPTO=y
CONFIG_CRYPTO_ALGAPI=y
CONFIG_CRYPTO_BLKCIPHER=m
CONFIG_CRYPTO_HASH=y
CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_HMAC=y
CONFIG_CRYPTO_XCBC=m
CONFIG_CRYPTO_NULL=m
CONFIG_CRYPTO_MD4=m
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_SHA1=m
CONFIG_CRYPTO_SHA256=m
CONFIG_CRYPTO_SHA512=m
CONFIG_CRYPTO_WP512=m
CONFIG_CRYPTO_TGR192=m
CONFIG_CRYPTO_GF128MUL=m
CONFIG_CRYPTO_ECB=m
CONFIG_CRYPTO_CBC=m
CONFIG_CRYPTO_LRW=m
CONFIG_CRYPTO_DES=m
CONFIG_CRYPTO_BLOWFISH=m
CONFIG_CRYPTO_TWOFISH=m
CONFIG_CRYPTO_TWOFISH_COMMON=m
CONFIG_CRYPTO_TWOFISH_586=m
CONFIG_CRYPTO_SERPENT=m
CONFIG_CRYPTO_AES=m
CONFIG_CRYPTO_AES_586=m
CONFIG_CRYPTO_CAST5=m
CONFIG_CRYPTO_CAST6=m
CONFIG_CRYPTO_TEA=m
CONFIG_CRYPTO_ARC4=m
CONFIG_CRYPTO_KHAZAD=m
CONFIG_CRYPTO_ANUBIS=m
CONFIG_CRYPTO_DEFLATE=m
CONFIG_CRYPTO_MICHAEL_MIC=m
CONFIG_CRYPTO_CRC32C=m
CONFIG_CRYPTO_TEST=m
CONFIG_CRYPTO_DEV_PADLOCK=m
CONFIG_CRYPTO_DEV_PADLOCK_AES=m
CONFIG_CRYPTO_DEV_PADLOCK_SHA=m
CONFIG_CRYPTO_DEV_GEODE=m

We need work with loop file systems, so we need BLK_DEV_LOOP.

Also, to do AES encryption in a loop filesystem, we need CRYPTO, BLK_DEV_CRYPTOLOOP, and CRYPTO_AES. CRYPTO is built into the kernel ("=y"), but the others are available as modules ("=m") which need to be loaded. This can be done as follows:

$ sudo modprobe aes
$ sudo modprobe cryptoloop
$ lsmod | grep "loop\|aes"

then shows

Module			Size  Used by
cryptoloop		4096  0
loop			17800 1 cryptoloop
aes			28608 0

Notice that there can be slight differences between the module names and the CONFIG names. If you compile your own custom kernel, you would probably build all of these into your kernel.

Preparing a file to be an encrypted filesystem

If you would like a place to put encrypted things, but don't want to dedicate an entire partition to encryption, you can use just a file. The following commands make a file named secrets that that can be mounted as an encrypted filesystem with room for 1 MB of contents.

Starting as an ordinary user, not root, make the empty file filled with random bits

$ dd if=/dev/urandom of=secrets bs=4096 count=256
256+0 records in
256+0 records out

Then, become root

$ su
Password:<your root password>

Use the following command to find a free loop device:

$ sudo losetup -f
/dev/loop0

So we will use /dev/loop0. (This example uses Ubuntu, on Mandriva-2007, one needs to become root and use losetup -a to see which loop devices are in use.)

$ sudo losetup -e aes /dev/loop/0 secrets
Password:<The password for accessing secrets>

The password given here need not be your root password, however, you must be sure to not forget it. If you lose this password, your secrets will be inaccessible. I am unaware of any work-arounds.

Notice that /dev/loop/0 is now in use:

$sudo losetup /dev/loop0
/dev/loop0: [0307]:512157 (/home/craig/secrets), encryption aes (type 18)

Here [0307]:512157 identifies the drive (hda7:, major # 03, minor #07) and inode number for secrets.

Now that secrets is attached to a loop device, we can make an ext2 filesystem inside it.

$sudo mke2fs /dev/loop0
mke2fs 1.40-WIP (14-Nov-2006)
mke2fs: Permission denied while trying to determine filesystem size
craig@server:~$ sudo mke2fs /dev/loop0
mke2fs 1.40-WIP (14-Nov-2006)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
128 inodes, 1024 blocks
51 blocks (4.98%) reserved for the super user
First data block=1
Maximum filesystem blocks=1048576
1 block group
8192 blocks per group, 8192 fragments per group
128 inodes per group

Writing inode tables: done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 26 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.

We can now detach /dev/loop0 from secrets.

$sudo losetup -d /dev/loop0

secrets is now ready to use.

Using the encrypted filesystem file

Our secrets file is made available by mounting it using loop and encryption options for the mount instruction:

$ mkdir ~/crypto
$ chmod 600 /mnt/crypto
$ sudo mount -t ext2 -o loop,encryption=aes secrets /mnt/crypto
Password:<The password for accessing secrets>

After we give it the password, we can use it like an ordinary 1 MB partition. Be sure to not leave it mounted any longer than necessary even though access is restricted to the root user because root created /mnt/crypto and did chmod 600 /mnt/crypto.

If you forget your password, your information is lost! Be sure to let your spouse or other survivors know the password in case you suddenly die. Using a password that is the same as the root password would make it easier to remember, but only as secure as your root password. Encryption of files and partitions protect your data if someone were to gain physical access to your computer. In the absence of special security hardware, the normal file permissions can be easily dodged by booting a rescue disk. The encrypted files and partitions, however, still would be protected.

The df command, cat /proc/mounts, cat /etc/mtab, and other methods that show mounted filesystems will show that we have mounted it.

As long as it is mounted, it can be used like any other mounted filesystem:

/mnt#
cd crypto
/mnt/crypto# echo "amazon.com: craig2345 saeWxB235SyE" > passwords
/mnt/crypto# echo "slashdot.com: craigv xRo523dDzvP" >> passwords
/mnt/crypto# cat passwords
amazon.com: craig2345 saeWxB235SyE
slashdot.com: craigv xRo523dDzvP
/mnt/crypto# cd ..

Here, we simply used the echo command, but we could create subdirectories (a lost+found directory was created by mke2fs) and use an editor to work with the files. Anything copied into secrets gets encrypted; anything copied out of it gets decrypted.

As usual, unmounting is done by

# umount /mnt/crypto

If you try to mount it without the encryption=AES option, the mount instruction will fail because it will not see the ext2 filesystem. Examination of the file secrets with cat or other tools will simply show 1 MB of seemingly-random bytes.

In the above mount description, it was necessary to be root to mount secrets. This restriction can be removed if, as root, we insert the following line into /etc/fstab:

/home/craig/secrets /home/craig/crypto ext2 defaults,loop,encryption=aes,user,noauto 0 0

Since /etc/fstab is owned by root and has permissions 644, only root can change its contents.

The user part of the mount options here allows any user to mount the device, but if the file secrets is owned by the user craig and has permissions 600, then only the user craig can access its files.

The noauto option makes sure that the system does not try to mount the secrets file upon boot. Without noauto, the boot would be stalled waiting for the password to be entered.

The user that mounts secrets must know the password to secrets, and once it is mounted, that user and root are the only ones that can umount it. The mount point set by this line in /etc/fstab is /home/craig/crypto which still needs to be created and tested as follows:

~$ mkdir crypto
~$ chmod 600 crypto
~$ mount secrets
Password: <access password for secret>
~$ cd crypto
~/crypto$ echo testing > x
~/crypto$ cat x
testing
~/crypto$ cd ..
~$ umount crypto

Last updated: August 6, 2007

Valid CSS!Valid XHTML 1.0 Strict

Contact Craig Van Degrift if you have problems or questions with this web site.