  Loopback Encrypted Filesystem HOWTO
  Copyright by Ryan T. Rhea, rhear@cs.winthrop.edu
  v1.1, 29 November 1999
  Linux JF Project JF@linux.or.jp
  v1.1, 30 November 1999

  ́̕C[U}EgƂɁC̓e𓮓IߓIɈÍ
  t@CVXe̐ݒ@Ǝgp@܂D̃t@CV
  Xe͒ʏt@C̒ɒûŁCBt@CɂڗȂ
  Ot肵āCقƂǌȂ悤ɂ邱Ƃł܂D
  @ɂCf[^ɈSɕێ邱Ƃ\łD
  ______________________________________________________________________

  ڎ

  1. n߂O
  2. ͂߂
  3. 菇̂܂Ƃ
  4. ڍׂȎ菇
  5. {ɂ

  ______________________________________________________________________

  1.  n߂O

  ̏sɂ̓J[l̃\[XR[hCJ[l̃RpCɊւ
  mCꂩ炩Ȃ̍CKvłDNfBXNpӂĂƂ
  M҂͂߂܂D܂Cdvȃf[^Ít@CVXeɈ
  Oɂ́CKobNAbvĂ܂傤D̃t@CVXe
  lɉ邩ȂłD

  ܂ŏɁCLinux J[lɃpb`𓖂Ăăo[WȂƂ 2.2.9
  ȏɂĂȂ΂Ȃ܂Dpb`𓖂Ăڂ菇́C̕
  ``ڍׂȎ菇''̐߂Ōq܂D

  J[l̃\[XR[h͈ȉ̏ꏊɂ܂:

       <ftp://ftp.kerneli.org/>

  J[l̍ăRpC菇Ɋւ HOWTO ͈ȉ̏ꏊł
  ܂:

       <http://metalab.unc.edu/LDP/HOWTO/>

  {̑Ŝ܂͈ꕔ́Cȉ̏̉ɂāCŕEzz
  ܂܂D

  o  {̑Ŝ邢͈ꕔRs[ꍇ́C쌠\Ƃ̋\
     cȂ΂Ȃ܂D

  o  |܂͔hɂẮCzzsOɒ҂̏FKvłD

  o  {̈ꕔzzꍇɂ́C{̊SȔł肷菇
     ܂߂Ȃ΂Ȃ܂D܂CSȔł𓾂i񋟂Ȃ΂
     ܂D

  o  {ɏꂽSẴ\[XR[h GNU General Public License 
     ]܂D̃CZX͈ȉ̏ꏊ anonymous FTP gē
     ł܂:
       <ftp://prep.ai.mit.edu/pub/gnu/COPYING/>

  2.  ͂߂

  ̍Ƃł́C`/dev/loop*' foCX(ʂɃCXg[Ă *
   0  7 ܂łł傤)gă[vobNt@CVXe}E
  g܂D̍Ƃ͈ÍpɍsƂłCLinux t@CVX
  e Linux ȊÕp[eBVɒuƂł܂Dɂďq
  ׂ HOWTO ȑO LDP ɂ܂D

  ނ̈Íg܂DႦ XOR, DES, twofish, blowfish, cast128,
  serpent, MARS, RC6, DFC, IDEA ȂǂłDÍꂽt@CƁC̒
  Ɋ܂܂t@CVXeÍ̎ނ֘At̂ `losetup'
  (loopback setup)vO̖łD kerneli.org ƍ۔ł crypto
  pb`ǗĂ Alexander Kjeldaas ɂƁC݂ DES 
  losetup ͑gݍ킹܂D͗҂ɂpeBrbg̈
  قȂ邽߂łDDES ͑̈ÍƔׂĈSƗ̂ŁCDES 
  T|[gv͂܂D

  Twofish, blowfish, cast128, serpent ́CړI킸ɎRɎg郉C
  ZXłD̓CZXɐsłD̂́CAES W
  ̌łDŏIIɏcÍ́CgpȂŐEŎg悤
  ɂȂł傤D

  {ł serpent ASY𗘗p܂DȂȂC̈Í͋x
  ɋɂ߂čŁC GPL ̉ŎRɔzzł邩łD
  serpent t̕ɂƁCserpent  Ross Anderson, Eli Biham, Lars
  Knudsen ݌v 128 rbgubN̈ÍgĂ܂D̈Í
  ́CgUȂƂpō̃xŕۏ؂Ă܂D
  serpent Ɋւ镶ƃ\[XR[h͈ȉ̏ꏊł܂:

       <http://www.cl.cam.ac.uk/~rja14/serpent.html>

  ܂{ł́CÍ̋@\͒ڃJ[lɑgݍ܂̂Ƃ܂D
  ̓W[ƂĂCXg[ł܂C̕@͖{ł͐
  ܂D`/etc/conf.module' t@CҏWKvł傤D
  ̎菇́CɏqׂJ[l̃RpCɊւ HOWTO ŏڂ
  Ă܂D

  3.  菇̂܂Ƃ

  Ƃ͂̎菇Ȃ܂Dꂼ̎菇ɂẮC̐
  ``ڍׂȎ菇''Ő܂Dt@XƂĂ܂Ƃ߂ŏɗpӂĂ
  Ƃ낤ƍl܂ (ǎ҂̊F UNIX/Linux ̌oLx
  Ȃ΁Cɂׂ͕svł傤)Dł́C܂Ƃ߂ȉɎ
  ܂:

  1. ۔ňÍpb`̍ŐVłȉ̏ꏊ_E[h܂({
     M_ł `patch-int-2.2.10.4' p܂):

       <http://ftp.kerneli.org/pub/kerneli/>

  2. J[lɃpb`𓖂Ă܂

  3. `make config'(܂ `menuconfig'  `xconfig')sāCVJ
     [lp `Makefile' ݒ肵܂DÍLɂ邽߂̃Iv
     V́CɎU΂Ă܂D܂͂ƂCǂ̃IvV
     O `Code Maturity level options' ̉ `Prompt for
     development and/or incomplete code/drivers' LɂĂD
     ɁC`Crypto options' ̉ `crypto ciphers'  `serpent' L
     ɂ܂DJԂ܂C{ł serpent ĝƂ܂D
     Cǎ҂̊F͍DȂ̂ĂD 2.2.10.4 ̎
     _ł DES Ƃ͑gݍ킹ȂƂYȂłD
     T|[g邱Ƃ͂Ȃł傤D`Block Devices' ̉ɂ́CI
     ׂdvȃIvV܂D `Loopback device
     support', `Use relative block numbers as basis for transfer
     functions(RECOMMENDED)', `General encryption support' łD
      `cast 128'  `twofish' ͑IȂłDlbg[N֘A
     ̊e퍀ڂ̉ɂÍ֌W̃IvV́CǂIKv͂
     ܂DJ[l̐ݒɂẮCȏׂɂ͗
     ܂D͖{͈̎͂ł͂Ȃ̂ŁCLDP ̃TCgɂ鑼
     ɂȂĂD

  4. VJ[lRpC܂D

  5. `/etc/lilo.conf' ҏWāCVJ[lC[Wǉ܂D
     ꂩ `lilo -v' sāCu[g[_ɂ̃J[lǉ
     D

  6. ŐV `util-linux' pbP[W(M҂ `util-linux-2.9v' gĂ
     ܂)ȉ̏ꏊ肵܂:

       <ftp://ftp.kernel.org/pub/linux/utils/util-linux/>

  7. `util-linux' ̃\[XWJ܂D

  8. [J `/usr/src/linux/Documentation/crypto/' fBNgɂ
     CgÍɑΉpb`𓖂Ă܂D

  9. `INSTALL' t@C𒍈Ӑ[ǂł! ̃pbP[Wɂ́CV
     Xeˑ̃t@C(`login', `passwd', `init' Ƃdvȃc[
     Q)̃\[XR[hĂ܂D MCONFIG t@C
     ɕҏWẴ\[XRpCĂ܂ƁCVXe
     ႭɂȂ邩܂ - NfBXNVbgKpӂ
     Ă܂傤D{Iɂ́CقƂǑSĂ `HAVE_*' ̍ڂ `yes'
     ɂĂCdvȔF؃c[̃RpCƏ㏑sȂ悤
     Ă܂傤Dč\z̕Kvc[́CVÍ@ɑ
      `mount'  `losetup' łD̃XebvɂẮCq
     ``ڍׂȎ菇''̐߂QƂ邱Ƃ߂܂D

  10.
     `util-linux' ̃\[X̃RpCƃCXg[s܂D
  11.
     VJ[lŃ}VċN܂D

  12.
     `/etc/fstab' ҏWCȉ̂悤ȃ}Eg|Cg̍ڂǉ
     :

       ______________________________________________________________________
       /dev/loop0  /mnt/crypt  ext2  user,noauto,rw,loop 0 0
       ______________________________________________________________________

  13.
     t@CVXe}Eg邽߂̃fBNg܂DL
     ł `/mnt/crypt' łD

  14.
     ʃ[UŁCÍt@Cȉ̂悤ɂč܂:

       dd if=/dev/urandom of=/etc/cryptfile bs=1M count=10

  15.
     ȉ̂悤 losetup s܂:

       losetup -e serpent /dev/loop0 /etc/cryptfile

  pX[h͂@͈xȂ̂ŒӂĂDpX[h
  ̓d`FbN΁Cȉ̃R}hg܂傤:

       losetup -d /dev/loop0

  ̃R}h loop foCXANeBułȂԂɂ܂Dɂ
  x losetup sCȉ̂悤ɂăpX[hmF܂D

       losetup -e serpent /dev/loop0 /etc/cryptfile

  16.
     ext2 t@CVXeȉ̂悤ɂč쐬܂:

       mkfs -t ext2 /dev/loop0

  17.
     ŁCÍt@CVXeȉ̃R}hŃ}Eg܂:

       mount -t ext2 /dev/loop0 /mnt/crypt

  18.
     t@CVXe̎gpICȉ̃R}hŃt@CVXe
     A}Egĕی삵܂:

       umount /dev/loop0
       losetup -d /dev/loop0

  4.  ڍׂȎ菇

  J[lւ̃pb`:

  pb`𓖂ĂāC`2.2.x' [XAbvO[h܂D `2.2.x' 
  Ƀ[XĂ邻ꂼ̃pb`̓oOCłDV@\͊JŃJ
  [lł `2.3.x' ɒǉ܂Dpb`𓖂ĂăCXg[
  ́C݂̃o[WVpb`t@CSē肵Cȉ̃R}
  hs܂:

       cd /usr/src
       gzip -cd patchXX.gz | patch -p0

  ݂̃\[Xc[o[Wԍ傫̂SāCXX ɓĂ͂
  Ă܂D͔ԍɍs܂D

  J[l\[X̃ftHg̃fBNg `/usr/src/linux' łD\[
  Xʂ̏ꏊɃCXg[Ăꍇ́C`/usr/src/linux' V
  {bNN𒣂邱Ƃ߂܂D

  `util-linux' pbP[W̃RpĈ߂ `MCONFIG' ҏW܂:

  ȉɎ̂́CM҂ `util-linux' pbP[W̃RpCɎg
  `MCONFIG' t@CłD͕M҂̐ݒ(RedHat 5.2 xx[X
  Ă܂) ɂȂĂ̂ŒӂĂDmɎׂ_
  ́C`login', `getty', `passwd' ƂdvȃVXet@C㏑
  ȂƂłDƂ肠CdvȍsȉɎ܂:

       ______________________________________________________________________
       CPU=$(shell uname -m | sed s/I.86/intel/)

       LOCALEDIR=/usr/share/locale

       HAVE_PAM=no

       HAVE_SHADOW=yes

       HAVE_PASSWD=yes

       REQUIRE_PASSWORD=yes

       ONLY_LISTED_SHELLS=yes

       HAVE_SYSVINIT=yes

       HAVE_SYSVINIT_UTILS=yes

       HAVE_GETTY=yes

       USE_TTY_GROUP=yes

       HAVE_RESET=yes

       HAVE_SLN=yes

       CC=gcc
       ______________________________________________________________________

  :

  8 ̃[vobNfoCX(`dev/loop0'  `/dev/loop7' ܂)̂ǂ
  gĂ悢ƂɒӂĂD܂C}Eg|Cg͖ڗȂ
  fBNgɂ܂傤DM҂́Cz[fBNgȉɃp[~bV
   700 ̃fBNg邱Ƃ߂܂DƂf[^
  t@Cɂ܂DM҂ `/etc' tH_ `sysfile' 
  `config.data' Ƃt@CŒuĂ܂D͕ʁC
  D

  M҂́C1 R}hŃt@CVXẽ}EgƃA}Egs
  ́CƂĂȒP Perl XNvg܂Dȉ̓ẽt@C
  Cs\ɂ(chmod u+x)CpXʂꏊɒuĂD

       ______________________________________________________________________
       #!/usr/bin/perl -w
       #
       #minimal utility to setup loopback encryption filesystem
       #Copyright 1999 by Ryan T. Rhea
       `losetup -e serpent /dev/loop0 /etc/cryptfile`;
       `mount /mnt/crypt`;
       ______________________________________________________________________

  L̃XNvg `loop' Ɩt܂DgƁCR}h
  (`loop')ƃpX[h͂Ń}Egs܂D

       ______________________________________________________________________
       #!/usr/bin/perl -w
       #
       #minimal utility to deactivate loopback encryption filesystem
       #Copyright 1999 by Ryan T. Rhea
       `umount /mount/crypt`;
       `losetup -d /dev/loop0`;
       ______________________________________________________________________

  2 ڂ̃XNvg `unloop' Ɩt܂D`unloop' sƁC
  Ƀt@CVXeANeBuɂł܂D

  5.  {ɂ

  { Linux Japanese FAQ Project s܂B|Ɋւ邲ӌ
   JF vWFNg <JF@linux.or.jp> ɘAĂB

  ȉɎ܂B

     v1.0j, 27 November 1999
        |: P <fujiwara@linux.or.jp>

        Z:

        o  鐳 <takavoid@palette.plala.or.jp>

        o  앐Y <nakano@apm.seikei.ac.jp>

        o  L <takei@cc.kochi-u.ac.jp>

     v1.1j, 29 November 1999
        |: P <fujiwara@linux.or.jp>

