Classnotes | UNIX03 | RecentChanges | Preferences Showing revision 1 There is another method for obtaining loopback-like encryption under Linux, and it is much easier to install and setup. Of course, it ultimately lacks some of the speed and total integration of the CryptoAPI metho described previously, but for situations where simpler encryption is preferable it is ideal.
loop-aes and aespipe
Loop-aes is an augmentation or replacement (depending upon how you set it up) loop module for encrypting a loopback device. Included inside the loop-aes distribution is another application known as aespipe which instead allows for encryption via pipes directly. You can obtain loop-aes and aespipe from here:
Here, the big advantage is that you should be able to just slap in this new loop module into an existing setup without kernel recompilation, rebooting, or anything. You should be able to use it on anything from the 2.2 series on up through 2.4 and 2.6 in the future.
Of course, should is the operative word here. If your kernel was not compiled correctly in the first place to enable things like loadable modules and using the loopback device as a block device, then you will still have to recompile. Thankfully, you will be hard pressed not to find a stock kernel that meets these requirements.
Once you have loop-aes installed, you can actually use it just like you normally use loop. For example, making an encrypted file system is accomplished in practically the same way as was detailed for CryptoAPI loop previously.
aespipe
aespipe is a very useful tool in an of itself. In fact, in those situations where I have had a need for CryptoAPI loopback, I've still installed aespipe for extra functionality.
