As of kernel 2.6.4, the cryptoloop interface has been deprecated in favor of using dm-crypt: http://www.andrew.cmu.edu/user/qralston/dev/ http://www.saout.de/misc/dm-crypt/ From playing with FC2 test2, the only missing piece is Christophe's cryptsetup program. Please consider adding cryptsetup to FC2. (In the meantime, I will maintain the necessary RPMs myself, as I absolutely must have encrypted filesystem support.)
I would really like to have encrypted file system support in Fedora Core. It has always been on my wishlist for RedHat Linux. It is a important feature, especially for Notebook users. Mandarake Linux has this feature for years. After reading the emails at http://kerneltrap.org/node/view/2433, it seems the "cryptsetup" script was created as a temporary tool to fill the gap until a proper tool is created to setup encrypted file system. Furthermore, FC2 is already at its final phase of development. I can understand if the Fedora developers choose not to include it in FC2 release. However, I would really appreciate if the "cryptsetup" script can be added into the official apt/yum depository as a developement package, and later possibly in the next release of Fedora Core.
I also would like encrypted file system, it's one of the things I miss most. It would be great to find it on next test release.
I really hope some semi-formal support for encrypted filesystems goes into FC2. In today's world of increased security, how can fedora *not* have had this for so very long? Waiting again until FC3 would be frustrating to say the least.
I very strongly encourage you to add encrypted filesystem support to Fedora Core 2.
In response to Chen Nan in comment 1, please note that the cryptsetup-0.1 is NOT a script; it is a compiled C program. (It replaced the old cryptsetup.sh shell script.) You can check this by pulling my RPMs. The cryptsetup package is not a temporary solution; it's the preferred solution. (And unlike the cryptoloop interface in FC2 test2, it actually works. ;)
In response to James Ralston in Comment #5: Thanks for the info. I did't know that you have created a proper tool with the same name as the script created by Christophe Saout. I really hope that it will make it into FC2. :)
I didn't; Christophe Saout created both the shell script and then the C program which replaced it. (I just packaged the latter.)
The problem is pulling in new libgcrypt at this point, which changes the ABI....
Is libgcrypt being used by something special (so that it would matter that the ABI changed between FC2t2 and FC2t3 or FC2 FCS)?
Actually, I checked that first, and as far as I can tell, libgcrypt isn't being used by *anything*: cryptsetup is that first package that depends on it. (Caveat: I haven't finished applying all of the updates I just pulled down. It's possible that some new package now requires libgcrypt.)
It is important for me to have easy setup of encrypted disks. On FC1, it even needs a kernel patch. It seems now just a tool would be enough, but it would be great if it was just there from the beginning.
Given that I entered "Losetup and util-linux are not crypto aware (#56698)" into Red Hat's bugzilla late in 2001, I am also very interested in seeing this resolved in Fedora! I would like to see Red Hat adopt the standard that emerges from cryptoloop and dm_crypt.
Added.
Just tried it with the following rpms from rawhide. cryptsetup-0.1-1.i386.rpm libgcrypt-1.1.94-1.i386.rpm libgpg-error-0.7-1.i386.rpm libgpg-error-devel-0.7-1.i386.rpm It worked. Thanks.
Excellent! Finally, cryptographic filesystem support out-of-the-box. Thanks much. I'll bang on this thoroughly in test3.
Dear all. Since few time I use cryptosetup in FC2 final. libgpg-error-0.7-1 libgcrypt-1.2.0-1 cryptsetup-0.1-1 kernel 2.6.8-1.521 At first it look's working well. But I have much more trouble with ziped and rar files on the encrypted partition. Many crc-errors make it impossible to decrompressed the files. The same files on the non-crypted partition works well. Any ideas whats happen ?