Skip to content
/ dmencrypt Public

Userspace creation of dmcrypt volumes in aes-cbc-essiv:sha256 mode

License

MIT license
2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

anisse/dmencrypt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
.travis.yml
.travis.yml
 
 
LICENCE
LICENCE
 
 
README.md
README.md
 
 
dmencrypt.go
dmencrypt.go
 
 

Repository files navigation

Build Status

dmencrypt

Create dmcrypt aes-cbc-essiv:sha256 volumes in userspace.

This tool ciphers a file with a key passed in argument, in the method used by Linux kernel's device-mapper crypt target, in per-sector AES-CBC, with ESSIV IV input (uses the sector number).

If for some reason you decide not to use LUKS, and you know what you're doing, you can use this tool to create dmcrypt volumes in userspace, so you don't need to have a machine with root access lying around, or use libguestfs.

There's only one mode supported, and you can both encrypt and decrypt the file.

It improves over the shell and openssl dmcrypt.sh implementation by Vadim Penzin by a factor 1000.

Usage

usage: dmencrypt [-d] password-file input-file output-file

Examples

$ dd bs=32 count=1 if=/dev/urandom of=key
1+0 records in
1+0 records out
32 bytes copied, 1.6077e-05 s, 2.0 MB/s
$ dmencrypt key my-filesystem encrypted-filesystem
$ dmencrypt -d key encrypted-filesystem decrypted-filesystem
$ cmp my-filesystem decrypted-filesyste
$ # files are identical

About

Userspace creation of dmcrypt volumes in aes-cbc-essiv:sha256 mode

Topics

linux aes filesystem golang-application dmcrypt

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages