These classnotes are deprecated. As of 2005, I no longer teach the classes. Notes will remain online for legacy purposes.

UNIX03/Encryption With Aespipe

There is another method for obtaining loopback-like encryption under Linux, and it is much easier to install and set up. Of course, it ultimately lacks some of the speed and total integration of the CryptoAPI method described previously, but for situations where simpler encryption is preferable it is ideal.

loop-aes and aespipe

Loop-aes is an augmentation or replacement (depending upon how you set it up) loop module for encrypting a loopback device. Included inside the loop-aes distribution is another application known as aespipe which instead allows for encryption via pipes directly. You can obtain loop-aes and aespipe from here:
    http://loop-aes.sourceforge.net/

Here, the big advantage is that you should be able to just slap this new loop module into an existing setup without kernel recompilation, rebooting, or anything. You should be able to use it on anything from the 2.2 series on up through 2.4 and 2.6 in the future.

Of course, should is the operative word here. If your kernel was not compiled correctly in the first place to enable things like loadable modules and using the loopback device as a block device, then you will still have to recompile. Thankfully, you will be hard pressed to find a stock kernel that does not meet these requirements.

Once you have loop-aes installed, you can actually use it just like you normally use loop. For example, making an encrypted file system is accomplished in practically the same way as was detailed for CryptoAPI loop previously.

aespipe

aespipe is a very useful tool in and of itself. In fact, in those situations where I have had a need for CryptoAPI loopback, I've still installed aespipe for extra functionality.

As aespipe is an AES encrypted pipe, it can be used to encrypt/decrypt anything which can be transmitted over a pipe. You can use it to encrypt/decrypt files and transmissions, archives, and even copies or file abstractions. You can also use it to create encrypted filesystems for loop-aes as well as decrypt filesystems for normal loopback devices.

The basic usage of aespipe is just like any other program in a chain:

 $ program1 | aespipe [options] | program2 ... etc ...

For example, if I wanted to encrypt a CD-ROM image such that its contents required a passphrase to be readable, I could:

 mkisofs -r directory-tree | aespipe -e AES128 -T >image.iso

After burning the CD-ROM, I could mount the CD-ROM thusly:

 mount -t iso9660 /dev/cdrom /cdrom \
         -o loop=/dev/loop0,encryption=AES128
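
The notes above show only the encrypting side of a pipe, so here is an added example (not part of the original notes) that archives a directory through aespipe and restores it with `aespipe -d`, checking a SHA-256 digest of the plaintext first because a wrong passphrase or a damaged file decrypts to garbage rather than an error. It assumes `aespipe`, GNU `tar` and `sha256sum` are installed and that the passphrase (at least 20 characters) sits in a file read through `-p 3`; the function names `encrypt_tree` and `restore_tree` are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original notes. Function names are hypothetical.
# Assumes aespipe, GNU tar and sha256sum; keep the passphrase file mode 600.

# encrypt_tree SRC_DIR OUT_FILE PASS_FILE
# Streams a tar of SRC_DIR through aespipe into OUT_FILE and records the
# SHA-256 of the plaintext stream in OUT_FILE.sha256. No plaintext hits disk.
encrypt_tree() {
    et_src=$1; et_out=$2; et_pass=$3; et_rc=0
    [ -d "$et_src" ] || return 1
    et_work=$(mktemp -d) || return 1
    mkfifo -m 600 "$et_work/tap" || { rm -rf "$et_work"; return 1; }
    # Background reader hashes the copy of the stream that tee sends to the FIFO.
    sha256sum <"$et_work/tap" | cut -d' ' -f1 >"$et_out.sha256" &
    # -p 3: aespipe reads the passphrase from fd 3, so stdin stays free for data.
    tar -cf - -C "$et_src" . | tee "$et_work/tap" |
        aespipe -e AES128 -p 3 3<"$et_pass" >"$et_out" || et_rc=$?
    wait
    rm -rf "$et_work"
    return "$et_rc"
}

# restore_tree IN_FILE DEST_DIR PASS_FILE
# Pass 1 decrypts only to hash the result. Pass 2 extracts, and runs only if
# the digest matches, so garbage is never handed to tar.
restore_tree() {
    rt_in=$1; rt_dest=$2; rt_pass=$3
    rt_want=$(cat "$rt_in.sha256") || return 1
    rt_got=$(aespipe -d -e AES128 -p 3 3<"$rt_pass" <"$rt_in" |
             sha256sum | cut -d' ' -f1)
    if [ "$rt_got" != "$rt_want" ]; then
        echo "restore_tree: digest mismatch (wrong passphrase or damaged file)" >&2
        return 1
    fi
    mkdir -p "$rt_dest" &&
        aespipe -d -e AES128 -p 3 3<"$rt_pass" <"$rt_in" | tar -xf - -C "$rt_dest"
}

# Usage:
#   encrypt_tree ./notes notes.tar.aes ~/.notes-pass
#   restore_tree notes.tar.aes ./restored ~/.notes-pass
```

The digest is a plain hash stored beside the ciphertext, so it catches accidents and wrong passphrases but not someone who can rewrite both files.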


Last edited October 24, 2003 10:48 pm
(C) Copyright 2003 Samuel Hart
This work is licensed under a Creative Commons License.