Encrypted filesystem
I want to log in on our servers with ssh without having to type in a password every time, so I decided to use authorized_keys. To store the keys I wanted an encrypted filesystem on my usb stick. Here’s a short howto:
install crypt system debian style:
# apt-get install cryptsetup
make sure the modules aes, dm_mod, and dm_crypt are loaded (add to /etc/modules) or compiled in your kernel. You need these modules for the device mapper and for aes encryption algoritm.
map the device that is going to hold the encrypted filesystem (here it is /dev/sdb1) to a mapped device (I called it crypt, pick a valid name you like for the device mapper):
# cryptsetup -y create crypt /dev/sdb1
add the device to /etc/crypttab, by simply adding the line:
crypt /dev/sdb1
optionally add device to /etc/fstab (example configuration):
/dev/mapper/crypt /media/crypt ext3 rw,user,exec,noauto,suid 0 0
make filesystem on the mapped device (I use ext3, use anything you like and is supported on your system):
mkfs.ext3 /dev/mapper/crypt
use the device:
# /etc/init.d/cryptdisks start
if you’ve added the fstab line you can use:
# mount /media/crypt
otherwise try:
# mount /dev/mapper/crypt /media/crypt