  Loopback Encrypted Filesystem HOWTO

  Copyright by Ryan T. Rhea, zzrhear@pobox.winthrop.edu <mailto:zzr
  hear@pobox.winthrop.edu>

  v1.0, 22 September 1999

   , ڰ Ʈ ,      ϰ
  ȣȭϴ Ͻý۸ ϰ ϴ  Ѵ.
  Ͻý  Ͽ Ǵµ, ų    ʰ
  ̸ ٿ  ִ. ̰     
  ȴ.

  ______________________________________________________________________

  

  1. ϱ 
  2. Ұ
  3. 
  4.  

  ______________________________________________________________________

  1.  ϱ 

    Ŀ ҽ ڵ,  ڵ ϸ  Ӹ ƴ϶ 
  γ 䱸Ѵ. Ʈ ũ غ   ſ Ѵ. ,
  ȣȭ Ͻý   ߿ ͸  ϱ
     ξ Ѵ. - ̰   ٸ Ͻýó
  ջ  ִ.

  ּ,   Ŀ  2.2.9  ġ ؾ߸
   ̴. ġ ϴ  ־  ڼ û  
   "λ"  ִ.  Ŀ ҽ    ִ:
  <ftp.kerneli.org/ <ftp://ftp.kerneli.org/>>

  Ŀ ϴ   Ͽ  ִ:
  <metalab.unc.edu/LDP/HOWTO/ <http://metalab.unc.edu/LDP/HOWTO/>> 
      ٿ, , ü Ȥ κ
  Ǿ .

  ?  ϰų κ 纻 ۱   㰡 
  ״ Ͽ Ѵ.

  ?  ̳ ĻǴ ǰ     
   Ѵ.

  ?    ǰ κ Ϸ Ѵٸ,  Ŵ
    ϱ  û ݵ ԽѾ ϰ, 
   ϱ  ܵ Ǿ Ѵ.

  ?   Ե  ҽ ڵ,  ͸ FTP   
  ִ GNU Ϲ  (General Public License) Ͽ ִ.
  <prep.ai.mit.edu/pub/gnu/COPYING/
  <ftp://prep.ai.mit.edu/pub/gnu/COPYING/>>

  2.  Ұ

     Ͻý Ʈϱ  '/dev/loop*' (⼭ *
  κ ġ 0-7   ִ) ġ Ѵ.  
  ȣȭ ̵ (ު) Ƽǿ  Ͻý ϱ
     ִ. ̿  Ͽ ռ  LDP Ʈ ִ.
  ȣȭ پ    ִµ, XOR, DES, twofish, blowfish,
  cast128, serpent, MARS, RC6, DFC, IDEA Ѵ. α׷ 'losetup'
  (loopback setup)  ȣȭ  Ͻý۰ ȣ 
  ϴ ̴. kerneli.org  crypto ġ ϴ
  Alexander Kjeldaas ϸ, DES losetup  ȣȯ .
  ̰   иƼ Ʈ óϴ Ŀ ̿ Ѵ. ٸ
  ȣ麸 ſ ξ  ϱ  DES ϴ ȹ .

  Twofish, blowfish, cast128, serpent   뵵 ϵ簣
    㰡ȴ. ٸ ͵  㰡ǿ   ⵵
  ϰ, ׷  ͵ ִ. װ͵ ߿ ټ AES ǥ 
  ĺ̴.     װ͵ ȣ ۱ 
     ̴.

    serpent ˰ Ѵ.  ŭ , GPL Ͽ
    ϱ ̴. װ  ϸ, serpent Ross
  Anderson, Eli Biham, Lars Knudsenserpent  128 Ʈ  ȣ
  Ѵ. װ  ְ    Ͽ
     ߰ߵ ʵ  ̴. ҽ ڵ Ӹ ƴ϶
  serpent      ִ.

  <www.cl.cam.ac.uk/~rja14/serpent.html
  <http://www.cl.cam.ac.uk/~rja14/serpent.html>>

  3.  

   ܰ   Եȴ.    ܰ 
  "λ"  ̴.  ڷḦ ϱ  ù ° 
  ϴ   ̶ Ѵ( н/ ͼϴٸ
  Ƹ λ  ʿġ  ̴).    
  ִ.

  1.  ֽ  crypto ġ ޴´
     <ftp.kerneli.org/pub/kerneli/
     <http://ftp.kerneli.org/pub/kerneli/>>

  2. Ŀ ġѴ

  3.  ٵ,   ٸ û   ݵ and/or
     incomplete code/drivers'  ؾ Ѵ. 'Crypto options'
     Ʒ 'crypto ciphers'  ϶. DES 2.2.10.4
     ȣȯ  -     ִٴ  ϶.
     'Block Devices' Ʒ ؾ ϴ   ߿ û
     ִµ, transfer functions (RECOMMENDED)', 'General encryption
     support'̴.  . Ŀ    ̻ ٷ  ̴.
     װ      LDP Ʈ   ִ.

  4.  Ŀ Ѵ.

  5. Ͽ Ʈ δ(boot loader) Ŀ ߰Ѵ.

  6. ֽ 'util-linux'  ҽ ޴´
     <ftp.kernel.org/pub/linux/utils/util-linux/
     <ftp://ftp.kernel.org/pub/linux/utils/util-linux/>>

  7.

  8.  Ϳ ã ġϴ ġ Ѵ

  9. ϵ( ý ſ ȥ ̱  ϰ 
     ߿  ҽ ϱ  Ʈ ũ  ⸦ غ
     )  ҽ Ѵ. ⺻, ߿  
     ϵ ʰ ø ۼ ʵ,    'HAVE_*'
     ʵ带 yes ϱ⸦ Ѵ.  ȣȭ ȹ ϵ  ٽ
     (rebuilt)ϱ ϴ  'mount' 'losetup'̴. 
      ܰ踦  Ʒ ""    Ѵ.
  10.

  11.
      Ŀη  Ѵ

  12.
     ߰Ѵ

     ___________________________________________________________________
       /dev/loop0  /mnt/crypt  ext2  user,noauto,rw,loop 0 0
     ___________________________________________________________________

  13.
      Ͻý ϰ  丮 

  14.
     ڷμ   ȣȭ   dd if=/dev/zero
     of=/etc/cryptfile bs=1k count=1000

  15.
       losetup Ѵ

     losetup -e serpent /dev/loop0 /etc/cryptfile ȣ Էϴ 
      ȸ  ̶ ؾ Ѵ.   ȣ 
     ϱ⸦ ϸ,  ɾ   ִ.

     losetup -d /dev/loop0 ̰ loop ġ ȰȭŰ  ̴.
     ,  ȣ ˻ϱ ؼ,  , ٽ
     losetup ϰ  ̴.

     losetup -e serpent /dev/loop0 /etc/cryptfile

  16.
        ext2 Ͻý  mkfs -t ext2
     /dev/loop0 100000

  17.
      ȣȭ Ͻý Ʈ  ִ mount -t ext2
     /dev/loop0 /mnt/crypt

  18.
     ٸ,   Ͻý 𸶿Ʈϰ ȣѴ.  umount
     /dev/loop0 losetup -d /dev/loop0'

  4.   

  Ŀ ġ:   ġ   Ѵ. ο Ư¡
   '2.3.x'  Ŀο ߰ ̴. ġ ؼ ġϷ, 
   ġ ϵ ϰ,   Ѵ.

       cd /usr/src
         gzip -cd patchXX.gz  patch -p0

   ҽ Ʈ   ū   , ʴ, xx
  ݺѴ.  Ŀ ҽ  ⺻ 丮 '/usr/src/linux'̴.
   ҽ  ٸ  ġѴٸ, '/usr/src/linux'κ
  ɺ ũ   ϴ ̴.

    'util-linux' Ű ϴ   'MCONFIG'κ
   ̴. ̰  5.2  ϴ,   
  ſ Ư  ˸.  'login', 'getty', Ǵ 'passwd' 
   ߿ ý   ʵ ؾ Ѵٴ ̴.
  · ߿   .
  ______________________________________________________________________
         CPU=$(shell uname -m sed s/I.86/intel/)
       LOCALEDIR=/usr/share/locale
       HAVE_PAM=no
       HAVE_SHADOW=yes
       HAVE_PASSWD=yes
       REQUIRE_PASSWORD=yes
       ONLY_LISTED_SHELLS=yes
       HAVE_SYSVINIT=yes
       HAVE_SYSVINIT_UTILS=yes
       HAVE_GETTY=yes
       USE_TTY_GROUP=yes
       HAVE_RESET=yes
       HAVE_SLN=yes
       CC=gcc
  ______________________________________________________________________

  :  ϴ. Ʈ     ʴ 丮
  ϶.  home   700 ۹̼    
  ϰڴ.   ͸  Ͽ ؼ ȴ.
   '/etc'   ̴.

   ϳ ɾ Ͻý Ʈϰų 𸶿Ʈϴ ſ
    ũƮ . ̴ ۼϰ,  ϵ
  (chmod u+x)  ο ־ θ ȴ.

  ______________________________________________________________________
    #!/usr/bin/perl -w
    #
    #simple utility to setup loopback encryption filesystem
    #Copyright 1999 by Ryan T. Rhea
    $cmd1 = `losetup -e serpent /dev/loop0 /etc/cryptfile`;
    $cmd2 = `mount /mnt/crypt`;
    print $cmd1;
    print $cmd2;
  ______________________________________________________________________

   ũƮ 'loop' ̸  ,   ('loop')
  йȣ  Ĵ  ̴.

  ______________________________________________________________________
         #!/usr/bin/perl -w
         #
         #simple utility to deactivate loopback encryption filesystem
         #Copyright 1999 by Ryan T. Rhea
         $cmd1 = `umount /mount/crypt`;
         $cmd2 = `losetup -d /dev/loop0`;
         print $cmd1;
         print $cmd2;
  ______________________________________________________________________

   °  'unloop'̶ ̸ ̰, 'unloop' Էϸ 
  Ͻý  ۵  ̴.

