本文共 14375 字,大约阅读时间需要 47 分钟。
This section gives a series of examples of how to create Linux dm-crypt volumes, and then mount them using FreeOTFE Explorer.
These examples have been tested using Fedora Core 3, with a v2.6.11.7 kernel installed; though they should work for all compatible Linux distributions.
To begin using dm-crypt under Linux, ensure that the various kernel modules are installed:
At this point, typing "dmsetup targets" should give you something along the lines of:modprobe cryptoloopmodprobe deflatemodprobe zlib_deflatemodprobe twofishmodprobe serpentmodprobe aes_i586modprobe blowfishmodprobe desmodprobe sha256modprobe sha512modprobe crypto_nullmodprobe md5modprobe md4modprobe cast5modprobe cast6modprobe arc4modprobe khazadmodprobe anubismodprobe dm_mod (this should give you dm_snapshot, dm_zero and dm_mirror?)modprobe dm_crypt
crypt v1.0.0striped v1.0.1linear v1.0.1error v1.0.1Typing "lsmod" will show you which modules are currently installed.
If not overridden by the user, dm-crypt defaults to encrypting with:
Cypher: | AES |
---|---|
Cypher keysize: | 256 bit |
User key processed with: | RIPEMD-160 (not "RIPEMD-160 (Linux; Twice, with A)"). "Hash with "A"s, if hash output is too short" option - selected |
IV generation: | 32 bit sector ID |
Creating the volume file under Linux:
Mounting the volume under FreeOTFE Explorer:dd if=/dev/zero of=./volumes/vol_default.vol bs=1K count=100losetup /dev/loop0 ./volumes/vol_default.volecho password1234567890ABC | cryptsetup create myMapper /dev/loop0dmsetup lsdmsetup tabledmsetup statuslosetup /dev/loop1 /dev/mapper/myMapper mkdosfs /dev/loop1mkdir ./test_mountpointmount /dev/loop1 ./test_mountpointcp ./test_files/SHORT_TEXT.txt ./test_mountpointcp ./test_files/BINARY_ZEROS.dat ./test_mountpointcp ./test_files/BINARY_ABC_RPTD.dat ./test_mountpointcp ./test_files/BINARY_00_FF_RPTD.dat ./test_mountpointumount ./test_mountpointlosetup -d /dev/loop1cryptsetup remove myMapperlosetup -d /dev/loop0rm -rf ./test_mountpoint
Creating the volume file under Linux:
Mounting the volume under FreeOTFE Explorer:dd if=/dev/zero of=./volumes/vol_aes128.vol bs=1K count=100losetup /dev/loop0 ./volumes/vol_aes128.volecho password1234567890ABC | cryptsetup -c aes -s 128 create myMapper /dev/loop0dmsetup lsdmsetup tabledmsetup statuslosetup /dev/loop1 /dev/mapper/myMapper mkdosfs /dev/loop1mkdir ./test_mountpointmount /dev/loop1 ./test_mountpointcp ./test_files/SHORT_TEXT.txt ./test_mountpointcp ./test_files/BINARY_ZEROS.dat ./test_mountpointcp ./test_files/BINARY_ABC_RPTD.dat ./test_mountpointcp ./test_files/BINARY_00_FF_RPTD.dat ./test_mountpointumount ./test_mountpointlosetup -d /dev/loop1cryptsetup remove myMapperlosetup -d /dev/loop0rm -rf ./test_mountpoint
Creating the volume file under Linux:
Mounting the volume under FreeOTFE Explorer:dd if=/dev/zero of=./volumes/vol_aes_essiv_sha256.vol bs=1K count=100losetup /dev/loop0 ./volumes/vol_aes_essiv_sha256.volecho password1234567890ABC | cryptsetup -c aes-cbc-essiv:sha256 create myMapper /dev/loop0dmsetup lsdmsetup tabledmsetup statuslosetup /dev/loop1 /dev/mapper/myMapper mkdosfs /dev/loop1mkdir ./test_mountpointmount /dev/loop1 ./test_mountpointcp ./test_files/SHORT_TEXT.txt ./test_mountpointcp ./test_files/BINARY_ZEROS.dat ./test_mountpointcp ./test_files/BINARY_ABC_RPTD.dat ./test_mountpointcp ./test_files/BINARY_00_FF_RPTD.dat ./test_mountpointumount ./test_mountpointlosetup -d /dev/loop1cryptsetup remove myMapperlosetup -d /dev/loop0rm -rf ./test_mountpoint
Creating the volume file under Linux:
Mounting the volume under FreeOTFE Explorer:dd if=/dev/zero of=./volumes/vol_blowfish_448.vol bs=1K count=100losetup /dev/loop0 ./volumes/vol_blowfish_448.volecho password1234567890ABC | cryptsetup -c blowfish -s 448 create myMapper /dev/loop0dmsetup lsdmsetup tabledmsetup statuslosetup /dev/loop1 /dev/mapper/myMapper mkdosfs /dev/loop1mkdir ./test_mountpointmount /dev/loop1 ./test_mountpointcp ./test_files/SHORT_TEXT.txt ./test_mountpointcp ./test_files/BINARY_ZEROS.dat ./test_mountpointcp ./test_files/BINARY_ABC_RPTD.dat ./test_mountpointcp ./test_files/BINARY_00_FF_RPTD.dat ./test_mountpointumount ./test_mountpointlosetup -d /dev/loop1cryptsetup remove myMapperlosetup -d /dev/loop0rm -rf ./test_mountpoint
Creating the volume file under Linux:
Mounting the volume under FreeOTFE Explorer:dd if=/dev/zero of=./volumes/vol_twofish_o3.vol bs=1K count=100losetup /dev/loop0 ./volumes/vol_twofish_o3.volecho password1234567890ABC | cryptsetup -c twofish -o 3 create myMapper /dev/loop0dmsetup lsdmsetup tabledmsetup statuslosetup /dev/loop1 /dev/mapper/myMapper mkdosfs /dev/loop1mkdir ./test_mountpointmount /dev/loop1 ./test_mountpointcp ./test_files/SHORT_TEXT.txt ./test_mountpointcp ./test_files/BINARY_ZEROS.dat ./test_mountpointcp ./test_files/BINARY_ABC_RPTD.dat ./test_mountpointcp ./test_files/BINARY_00_FF_RPTD.dat ./test_mountpointumount ./test_mountpointlosetup -d /dev/loop1cryptsetup remove myMapperlosetup -d /dev/loop0rm -rf ./test_mountpoint
Creating the volume file under Linux:
Mounting the volume under FreeOTFE Explorer:dd if=/dev/zero of=./volumes/vol_aes_md5.vol bs=1K count=100losetup /dev/loop0 ./volumes/vol_aes_md5.volecho password1234567890ABC | cryptsetup -c aes -h md5 create myMapper /dev/loop0dmsetup lsdmsetup tabledmsetup statuslosetup /dev/loop1 /dev/mapper/myMapper mkdosfs /dev/loop1mkdir ./test_mountpointmount /dev/loop1 ./test_mountpointcp ./test_files/SHORT_TEXT.txt ./test_mountpointcp ./test_files/BINARY_ZEROS.dat ./test_mountpointcp ./test_files/BINARY_ABC_RPTD.dat ./test_mountpointcp ./test_files/BINARY_00_FF_RPTD.dat ./test_mountpointumount ./test_mountpointlosetup -d /dev/loop1cryptsetup remove myMapperlosetup -d /dev/loop0rm -rf ./test_mountpoint
Note that although the main cypher is Blowfish 448, Blowfish 256 is used as the IV cypher as the IV hash outputs 256 bytes
Creating the volume file under Linux:
Mounting the volume under FreeOTFE Explorer:dd if=/dev/zero of=./volumes/vol_blowfish_448_essivsha256_md5.vol bs=1K count=100losetup /dev/loop0 ./volumes/vol_blowfish_448_essivsha256_md5.volecho password1234567890ABC | cryptsetup -c blowfish-cbc-essiv:sha256 -s 448 -h md5 create myMapper /dev/loop0dmsetup lsdmsetup tabledmsetup statuslosetup /dev/loop1 /dev/mapper/myMapper mkdosfs /dev/loop1mkdir ./test_mountpointmount /dev/loop1 ./test_mountpointcp ./test_files/SHORT_TEXT.txt ./test_mountpointcp ./test_files/BINARY_ZEROS.dat ./test_mountpointcp ./test_files/BINARY_ABC_RPTD.dat ./test_mountpointcp ./test_files/BINARY_00_FF_RPTD.dat ./test_mountpointumount ./test_mountpointlosetup -d /dev/loop1cryptsetup remove myMapperlosetup -d /dev/loop0rm -rf ./test_mountpoint
Creating the volume file under Linux:
Mounting the volume under FreeOTFE Explorer:dd if=/dev/zero of=./volumes/vol_aes_xts.vol bs=1K count=100losetup /dev/loop0 ./volumes/vol_aes_xts.volecho password1234567890ABC | cryptsetup -h sha512 -c aes-xts-plain --key-size 512 create myMapper /dev/loop0dmsetup lsdmsetup tabledmsetup statuslosetup /dev/loop1 /dev/mapper/myMapper mkdosfs /dev/loop1mkdir ./test_mountpointmount /dev/loop1 ./test_mountpointcp ./test_files/SHORT_TEXT.txt ./test_mountpointcp ./test_files/BINARY_ZEROS.dat ./test_mountpointcp ./test_files/BINARY_ABC_RPTD.dat ./test_mountpointcp ./test_files/BINARY_00_FF_RPTD.dat ./test_mountpointumount ./test_mountpointlosetup -d /dev/loop1cryptsetup remove myMapperlosetup -d /dev/loop0rm -rf ./test_mountpoint
转载地址:http://elhvi.baihongyu.com/