Linode.com Forum

[sarge]

OS: Debian Sarge
Kernel: 2.4.28-linode37-1um
Host: host36

I get the following error when I try the losetup command to create an encrypted loopback.

Quote: ioctl: LOOP_SET_STATUS: Invalid argument

I'm using the simple instructions at:
http://www.linuxsecurity.com/docs/HOWTO/Encryption-HOWTO/Encryption-HOWTO-4.html#folder

Looks like someone else reported this problem on linode according to this thread (Oct 2004) but I'm not sure if it has been fixed:
http://www.linode.com/forums/viewtopic.php?t=1242

Any ideas if this is a problem with the way Linode kernel is compiled or if the instructions are incompatible?

[caker]

As far as I know, loop-back encryption for 2.4 kernels requires external kernel patches, of which I'd rather not get into supporting unless there was a greater demand for them.

There is a new enabled option in the 2.6.9-linode9 kernel, CONFIG_DM_CRYPT, which I assume allows you to do encryption through the new Device Manager (DM):

http://docs.linux.com/article.pl?sid=04/06/07/2036205&tid=
http://www.saout.de/misc/dm-crypt/

-Chris

[johns]

caker wrote: There is a new enabled option in the 2.6.9-linode9 kernel, CONFIG_DM_CRYPT, which I assume allows you to do encryption through the new Device Manager (DM):
-Chris
Yes, this is correct.
I have tried it and it works.
The kernel configs that are required are:
CONFIG_BLK_DEV_DM (the device mapper)
CONFIG_DM_CRYPT (the crypto device mapper target)
2.6.9-linode9 is compiled with these options
You then need to install the userspace tool dmsetup (and cryptsetup for easier setup)

Then do the following:
cryptsetup create volume1 /dev/ubdf
mke2fs -j /dev/mapper/volume1
mount /dev/mapper/volume1 /mnt/crypto/

where udbf is a new empty linode disk image, volume1 is a name of your choice and /mnt/crypto a mount point of your choice