Creating an encrypted loopback device with Tomb
Tomb makes managing encrypted volumes easy - in fact very easy. This is a must if you're like me and want to store sensitive stuff on the cloud.
You can download Tomb from here.
1. Install some dependencies:
yum install ncurses-devel cryptsetup zsh gettext -y yum install http://pkgs.repoforge.org/dcfldd/dcfldd-22.214.171.124-1.el6.rf.x86_64.rpm
2. Download and untar Tomb
cd /tmp wget https://files.dyne.org/tomb/Tomb-2.1.1.tar.gz tar zxf Tomb-2.1.1.tar.gz
3. Make Tomb
cd Tomb-2.1.1 make install
4. Add a user
useradd -m weirdbricks
5. Dig a new tomb of the size you want - in this example I'm going to use 40GB (40960MB)
cd /home/weirdbricks time tomb dig -s 40960 archived-photos.tomb
tomb . Commanded to dig tomb archived-photos.tomb tomb (*) Creating a new tomb in archived-photos.tomb tomb . Generating archived-photos.tomb of 40960MiB 40960+0 records in 40960+0 records out 42949672960 bytes (43 GB) copied, 8898.17 s, 4.8 MB/s -rw------- 1 root root 40G Nov 2 07:56 archived-photos.tomb tomb (*) Done digging archived-photos tomb . Your tomb is not yet ready, you need to forge a key and lock it: tomb . tomb forge archived-photos.tomb.key tomb . tomb lock archived-photos.tomb -k archived-photos.tomb.key real 148m18.280s user 0m0.281s sys 147m50.630s
As you can see from the output of time, creating the tomb can take a while :) 7. Create a key for the tomb - in this case we'll name the key "archived-photos.key"
tomb forge -f -k archived-photos.key
This will prompt you for the key's password twice 8. OK, now let's format the tomb and lock it - you will be asked for your password
tomb lock -k archived-photos.key archived-photos.tomb
9. Finally let's open the tomb (mounts it!) - this will ask you for your password
tomb open -k archived-photos.key archived-photos.tomb
10. You're good to go! Check the output of df -h to see the mounted Tomb
df -h Filesystem Size Used Avail Use% Mounted on /dev/xvda1 50G 42G 5.7G 88% / none 496M 0 496M 0% /dev/shm /dev/mapper/tomb.archived-photos.1446525515.loop0 40G 48M 38G 1% /media/archived-photos
11. If you want to close the tomb (aka unmount it)
tomb close all