@chanux
Last active December 11, 2015 19:28
Portable encrypted virtual disk.
How to create encrypted virtual disk (with luks)
1) First we create a file with random data in it. You can choose a size that matches your needs. In this example I’m making a 20MB virtual disk, so I will create a 20MB file in this step.
$ dd if=/dev/urandom of=~/sekret bs=1M count=20
Here, the dd command creates 20 blocks of 1MB each and fills them with random data. ~/sekret means that we create a file named sekret in your home directory. You can choose any file name and path you like.
2) Next we need to create a block device from the file. For that find a free loop device with
$ sudo losetup -f
Then attach the file to that loop device to create the block device. Let’s assume /dev/loop0 is free.
$ sudo losetup /dev/loop0 ~/sekret
3) Now we need to luks format the device. FYI: LUKS stands for Linux Unified Key System.
$ sudo cryptsetup luksFormat -c aes-cbc-essiv:sha256 /dev/loop0
This will warn you that the data in /dev/loop0 are gonna be overwritten. Hope you are confident enough to say yes. Then you are required to enter a pass-phrase for this encrypted disk. Choose a powerful pass-phrase here, and then confirm it. The process will report success if we are lucky.
4) Map the crypto partition with
$ sudo cryptsetup luksOpen /dev/loop0 mycrypt
To be sure it succeeded, run
$ sudo dmsetup ls
This will output something like mycrypt (252, 0).
5) Now we create a file system on the device we created.
$ sudo mkfs.ext3 /dev/mapper/mycrypt
This will create an ext3 file system on the device. You can format it with the file system of your choice. Once formatting finishes successfully, we have our own encrypted disk ready to use.
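A check you can run on the container file after step 3, without root or a loop device: the sketch below is an added example (not part of the original gist) that reads the LUKS header straight from the file and reports the cipher that luksFormat recorded. The function names are hypothetical and the sample header is constructed; on a real system `sudo cryptsetup luksDump` shows the same fields.

```shell
#!/bin/sh
# Added example: read a container file's LUKS header without root.
# LUKS1 layout (big-endian): magic[6] version[2] cipher-name[32]
# cipher-mode[32] hash-spec[32] payload-offset[4] key-bytes[4] ...

hdr_hex() {  # hdr_hex FILE OFFSET LENGTH -> the bytes as lowercase hex
    dd if="$1" bs=1 skip="$2" count="$3" 2>/dev/null | od -An -v -tx1 | tr -d ' \n'
}
hdr_str() {  # hdr_str FILE OFFSET LENGTH -> NUL-padded text field
    dd if="$1" bs=1 skip="$2" count="$3" 2>/dev/null | tr -d '\000'
}

luks_info() {  # luks_info FILE -> one-line summary of the header
    f=$1
    if [ "$(hdr_hex "$f" 0 6)" != "4c554b53babe" ]; then   # "LUKS" 0xBA 0xBE
        echo "not-luks"; return 1       # e.g. the random-data file from step 1
    fi
    if [ "$(($(wc -c < "$f")))" -lt 592 ]; then   # LUKS1 header is 592 bytes
        echo "truncated"; return 1
    fi
    version=$((0x$(hdr_hex "$f" 6 2)))
    if [ "$version" -ne 1 ]; then
        # Newer cryptsetup releases create LUKS2 by default; LUKS2 keeps the
        # cipher settings in a JSON area, not at the LUKS1 offsets used below.
        echo "luks$version"; return 0
    fi
    echo "luks1 cipher=$(hdr_str "$f" 8 32)-$(hdr_str "$f" 40 32)" \
         "hash=$(hdr_str "$f" 72 32)" \
         "keybits=$((0x$(hdr_hex "$f" 108 4) * 8))" \
         "payload_sectors=$((0x$(hdr_hex "$f" 104 4)))"
}

zeros() { dd if=/dev/zero bs=1 count="$1" 2>/dev/null; }

# Constructed sample header (not from a real volume): make_sample FILE VERSION
make_sample() {
    {
        printf 'LUKS\272\276\000'; printf "\\00$2"   # magic, version
        printf 'aes'; zeros 29                        # cipher-name[32]
        printf 'cbc-essiv:sha256'; zeros 16           # cipher-mode[32]
        printf 'sha256'; zeros 26                     # hash-spec[32]
        printf '\000\000\020\000\000\000\000\040'     # payload 4096, key-bytes 32
        zeros 480                                     # digest, salt, UUID, key slots
    } > "$1"
}

if [ $# -gt 0 ]; then luks_info "$1"; fi   # usage: sh luks_info.sh ~/sekret
```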
#!/usr/bin/env bash
# This script allows easy mounting/unmounting of your encrypted disks created
# with dm-crypt and LUKS (Linux Unified Key System)
# Read more on http://wp.me/p1rVu-ae

# Check for required programs
type -P dmsetup &>/dev/null || { echo "dmsetup required but not installed. Aborting." >&2; exit 1; }
type -P cryptsetup &>/dev/null || { echo "cryptsetup required but not installed. Aborting." >&2; exit 1; }

# The script relies on $SUDO_USER, so it has to be started through sudo
[ -n "$SUDO_USER" ] || { echo "Run this script with sudo. Aborting." >&2; exit 1; }

CRYPTDEV=cryspdev
# Remembers which loop device was used. Kept under /run (writable by root only)
# instead of /tmp, where another user could pre-create the predictable name.
TEMPFILE=/run/crysp-$SUDO_USER

usage(){
    echo "Usage:"
    echo -e "\t $0 mount /encrypted/virtual/disk /mount/point"
    echo -e "\t $0 umount /mount/point"
    exit 1
}

case "$1" in
    mount)
        if [ $# != 3 ]; then
            usage
        fi
        LOOPDEV=$(losetup -f)
        echo "$LOOPDEV" > "$TEMPFILE"
        losetup "$LOOPDEV" "$2"
        cryptsetup luksOpen "$LOOPDEV" "$CRYPTDEV"
        # Only change ownership if the mount succeeded; otherwise chown -R
        # would recurse into whatever directory was given as the mount point
        mount -o rw "/dev/mapper/$CRYPTDEV" "$3" &&
            chown -R "$SUDO_USER" "$3" # workaround to allow nautilus r/w access to the mount
        ;;
    umount)
        if [ $# != 2 ]; then
            usage
        fi
        LOOPDEV=$(cat "$TEMPFILE")
        sync
        umount "$2"
        cryptsetup luksClose "$CRYPTDEV"
        losetup -d "$LOOPDEV"
        rm -f "$TEMPFILE"
        ;;
    *)
        usage
        ;;
esac
exit 0