1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
# Sample configuration file for cryptmount
# the following target uses a raw file to contain the encrypted fs
# (e.g. created by "dd if=/dev/zero of=/home/crypt.fs bs=1M count=128)
# cryptmount will automatically configure a vacant loopback device on mounting
crypt_basic {
dev=/home/crypt.fs
dir=/mnt/crypt
fstype=ext2 mountoptions=defaults
cipher=aes
keyfile=/home/secretiveuser/crypt.key
keyformat=builtin
}
# the following target uses part of a raw disk partition as the encrypted fs:
# (sectors 512-16895 are used here. Remove the 'startsector' and 'numsector'
# parameters to use the whole partition.)
crypt_hdb63 {
dev=/dev/hdb63 startsector=512 numsectors=16384
dir=/mnt/crypt63
fstype=ext3 mountoptions=defaults \
cipher=serpent # filesystem encryption
# information about file used to store decryption key:
keyfile=/etc/cryptmount/crypt_hdb63.key
keyformat=openssl keyhash=md5 keycipher=bf-cbc
}
# the following target uses part of a raw disk partition to create
# an encrypted swap (paging) area.
crypto_swap {
dev=/dev/hdb63 startsector=16896 numsectors=1024
fstype=swap flags=mkswap
cipher=twofish
keyfile=/dev/random keymaxlen=16
keyformat=raw
bootaction=swap
}
|
