Mountable encrypted file? What to use?
gfritz at gmail.com
Mon Oct 12 16:38:48 UTC 2009
On Mon, Oct 12, 2009 at 06:33:40AM -0700, Greg Morell wrote:
> I like to keep all of my sensitive stuff in a few encrypted mountable files.
> Something where I can copy the file to a USB key for backup, but not
> worry if I lose the USB key since it's just an encrypted file. But when
> on a computer, I can mount it as a volume.
> What should I use on FreeBSD?
Combine geli with the md device:
dd if=/dev/zero of=/tmp/secret bs=1 count=0 seek=1G
mdconfig -a -t vnode -f /tmp/secret -u 1984
geli init /dev/md1984 && geli attach /dev/md1984
mkdir /mnt/secret && mount /dev/md1984.eli /mnt/secret
echo "the formula for Coke is..." > /mnt/secret/secret_formula.txt
geli detach /dev/md1984.eli
mdconfig -d -u 1984
cp /tmp/secret /mnt/usbdrive
(I don't know off-hand the 'cp' options for copying sparse files correctly).
Read the man pages for all of the commands you are unfamiliar with.
geli(8) has a lot of flexible options.
More information about the freebsd-questions