cryptmount is a software tool for managing encrypted file systems under the GNU/Linux family of operating systems. It uses the device mapper infrastructure to provide transparent encryption of file systems stored in disk partitions or within ordinary files.
The main features of cryptmount are as follows:
- Filesystems can be (un)mounted whenever needed by ordinary users, without requiring superuser/administrator privileges
- Multiple encrypted filesystems can be stored within a single disk partition
- Configuration information about encrypted filesystems is stored within a free-format human-readable file
- Access keys can be protected by a wide range of encryption and hashing algorithms provided by the libgcrypt library
- Access keys can be compatible with the OpenSSL command-line tool, and can be stored and backed up separately from the filesystem that they protect
- Encrypted swap partitions are supported, and can be configured automatically on system boot-up
- An interactive setup script is supplied to allow basic, but effective, encrypted file systems to be created
The design of cryptmount has been driven by a number of choices:
- It should be possible for rarely used encrypted filesystems to be left normally unmounted, but easily made visible when needed
- The setup of loopback devices needed to access encrypted filesystems within ordinary files should occur as transparently as possible
- Any user who knows the access password for an encrypted filesystem should be able to mount it when needed
- There is little value in obscuring information about the choice of encryption algorithm if that information is freely available to anyone who already has superuser privileges — i.e. textual configuration files to which only root has access are not significantly less secure than fixed-format binary information embedded within a disk partition.
- Only a single access password should be allowed on any encrypted filesystem, so that all users who control access to the filesystem have a shared interest in having a strong password, without any individual being able to choose their own weak password.