Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 23rd, 2015
Linux Advisory Watch: March 20th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Cryptoloop HOWTO

Cryptoloop HOWTO

Ralf Hölzer


Revision History
Revision 1.22004-03-12Revised by: rh
Added information on dm-crypt, updated loop-AES info, added more info on security
Revision 1.12004-01-24Revised by: rh
Updated information on patching util-linux, Loop-AES, Best Crypt
Revision 1.02004-01-17Revised by: rh
Initial release, reviewed by TM at LDP.
Revision v0.92004-01-15Revised by: rh
Updated and converted to DocBook XML.

This document explains how to create encrypted file systems using the Cryptoloop functionality. Cryptoloop is part of the CryptoAPI in the 2.6 Linux kernel series.

1. About this document

This HOWTO describes how to use the Cryptoloop loop device encryption in the 2.6 Linux kernel series. Cryptoloop makes it possible to create encrypted file systems within a partition or another file in the file system. These encrypted files can the be moved to a CD, DVD, USB memory stick, etc. Cryptoloop makes use of the loop device. This device is a pseudo-device which serves as a "loop" through which each call to a the file system has to pass. This way, data can be processed in order to encrypt and decrypt it. Since kernel 2.6, the Crypto API has been integrated into the main kernel, and setting up an encrypted file system has become much easier. No additional kernel patches are required. An update of some userspace utilities is necessary. Unfortunately, the use of Cryptoloop is not very well-documented so far. This HOWTO is an attempt to make it easy everyone to create an encrypted file system using the standard Cryptoloop functionality. Cryptoloop is based on the Crypto API in the 2.6 Linux kernel. It should not be confused with Loop-AES, which is a completely separate project. Cryptoloop is similar to the Crypto API that was available as a separate patch for the 2.4 kernel series. The new version is not compatible with the older one.

1.1. Copyright and License

This document, Cryptoloop HOWTO, is copyrighted © 2004 by Ralf Hölzer. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of the license is available at

Linux is a registered trademark of Linus Torvalds.

1.2. Disclaimer

No liability for the contents of this document can be accepted. Use the concepts, examples and information at your own risk. There may be errors and inaccuracies, that could be damaging to your system. Proceed with caution, and although this is highly unlikely, the author(s) do not take any responsibility.

All copyrights are held by their by their respective owners, unless specifically noted otherwise. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark. Naming of particular products or brands should not be seen as endorsements.

1.3. Credits / Contributors

I'd like to thank the following people who helped me improve this HOWTO:

  • Dennis Kaledin

  • Binh Nguyen

  • David Lawyer

  • Tabatha Marshall

  • Kian Spongsveen

1.4. Feedback

Feedback is most certainly welcome for this document. Send your additions, comments and criticisms to the following email address : .



Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Tech Companies, Privacy Advocates Call for NSA Reform
Google warns of unauthorized TLS certificates trusted by almost all OSes
How Kevin Mitnick hacked the audience at CeBIT 2015
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.