How to create an encrypted image under linux

root's picture

In this tutorial I will explain you in few simple steps how to create an encrypted image. So, here it goes:

1. Load the necessary kernel modules if they are not loaded already:

[root@florian home]# modprobe cryptoloop
[root@florian home]# modprobe aes

2. Create an image with DD. Size, path and file name is your choise. For size, you just modify the count value:

[root@florian home]# dd if=/dev/urandom of=storage.img bs=1M count=512
512+0 records in
512+0 records out
536870912 bytes (537 MB) copied, 68.6128 s, 7.8 MB/s
[root@florian home]# du -sh storage.img 
512M	storage.img

3. Encrypt the image with losetup and link it to a loop device:

[root@florian home]# losetup -e aes /dev/loop0 storage.img 
[root@florian home]#

4. formate it (I was choosing ext4):

[root@florian home]# mkfs.ext4 /dev/loop0
mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
32768 inodes, 131072 blocks
6553 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=134217728
4 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks: 
	32768, 98304

Writing inode tables: done                            
Creating journal (4096 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 37 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.

5. Finally, mount your image:

[root@florian home]# mkdir /media/secret
[root@florian home]# mount -o loop,encryption=aes storage.img /media/secret
[root@florian home]# df -h | grep secret
/home/storage.img     504M   17M  462M   4% /media/secret
[root@florian home]# mount | grep secret
/home/storage.img on /media/secret type ext4 (rw,loop=/dev/loop1,encryption=aes)


Thou shalt not steal!

If you want to use this information on your own website, please remember: by doing copy/paste entirely it is always stealing and you should be ashamed of yourself! Have at least the decency to create your own text and comments and run the commands on your own servers and provide your output, not what I did!

Or at least link back to this website.

Recent content