It is just as easy to create an encrypted file system within a file on another file system. This is especially useful
if you want to back up this file by burning it to a DVD, etc. You can then easily move the file around to other
machines as well.
To initially create a 100MB file containing random data use the following command:
dd if=/dev/urandom of=/mystuff.aes bs=1k count=100000
If you want to change the size of the file, change the count value accordingly. The above command creates 100000 blocks
of 1k in size, but you can change this to whatever you like. Just make sure it is not too small to hold the file system you
chose. You can choose any file name and path you want instead of /mystuff.aes as long as there's enough space on the partition.
You can then create the encrypted file system within this file, similar to the way it is done above:
losetup -e aes-256 /dev/loop0 /mystuff.aes
Now you can create the file system:
mkfs.ext3 /dev/loop0
and mount it:
mount -t ext3 /dev/loop0 /mnt/crypto
Finally, unmount and detach the loop device:
umount /mnt/crypto
losetup -d /dev/loop0
You can then mount the file system later on as follows:
mount /mystuff.aes /mnt/crypto -oencryption=aes-256
If you want to move the file or burn it to a CD or DVD, make sure you unmount it first.
