From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <arno@wagner.name>
Received: from v6.tansi.org (mail.tansi.org [87.118.116.4])
 by mail.server123.net (Postfix) with ESMTP
 for <dm-crypt@saout.de>; Mon,  4 Apr 2016 01:57:31 +0200 (CEST)
Received: from gatewagner.dyndns.org (77-57-36-72.dclient.hispeed.ch
 [77.57.36.72]) by v6.tansi.org (Postfix) with ESMTPA id 0358520DC13E
 for <dm-crypt@saout.de>; Mon,  4 Apr 2016 01:57:30 +0200 (CEST)
Date: Mon, 4 Apr 2016 01:57:29 +0200
From: Arno Wagner <arno@wagner.name>
Message-ID: <20160403235729.GA12686@tansi.org>
References: <20160403000722.1266037f@ulgy_thing>
 <20160403084131.GA6111@citd.de>
 <57013EBF.7050303@whgl.uni-frankfurt.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <57013EBF.7050303@whgl.uni-frankfurt.de>
Subject: Re: [dm-crypt] Encrypted fs in file
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

Also refer to FAQ item 2.6
https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions

The zeroing out of the mapped container is advisable
if this needs high security, i.e. is not just for 
experiments.

Regards,
Arno


On Sun, Apr 03, 2016 at 18:03:11 CEST, Sven Eschenberg wrote:
> And regarding 1):
> 
> You might want to use dd for that and /dev/urandom. (Or use
> /dev/zero and then zero out the inner device before creating the
> filesystem).
> 
> Regards
> 
> -Sven
> 
> 
> Am 03.04.2016 um 10:41 schrieb Matthias Schniedermeyer:
> >On 03.04.2016 00:07, doark@mail.com wrote:
> >>Hello,
> >>I wanted to make certain that I got this process right since I've never
> >>done it before and I can't seem to find docs on the subject.
> >>
> >>1. Cat /dev/zero into a new file till it is big enough.
> >>2. Use cryptsetup on the file (format and open).
> >>3. Use mkfs on the loop device.
> >>4. Mount the loop device as if it were a block device.
> >>
> >>Does this look correct to you?
> >
> >Nearly.
> >
> >3) Not the loop device, but the dm-device, the loop it inbetween and is
> >handled automatically.
> >
> >A symlink for the dm-device appears in /dev/mapper/ with the name you
> >provided for the open command.
> >
> >Same for 4) You mount the dm-device
> >
> >
> >
> >
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier