¡¾ÇóÖú¡¿ÇóÖúÈçºÎ¼ÓÃÜÎļþ¼Ð¶ø²»Ó°ÏìʹÓÃ
Ò»¸ö¼¬ÊÖµÄÎÊÌ⣬ϣÍû¸ßÊÖ¸øЩÌáʾºÍ·½·¨£ºLinux²Ù×÷ϵͳ£¬Ô¶³ÌÓû§Èç¹ûµÇ¼ÒÔºó£¬Äܹ»·ÃÎÊijЩÌض¨µÄÎļþ»òÕßÎļþ¼Ð£¬ÉõÖÁ¿½±´ÏàÓ¦µÄÄÚÈÝ£¬µ¼ÖÂһЩÖØÒªÎļþµÄ¶ªÊ§£¬Òò´ËÓиöÏë·¨
£¨1£©Ôö¼ÓÒ»µÀÆÁÕÏ£¬°ÑÖØÒªµÄÎļþ¼Ð¼ÓÃÜ£¬°üÀ¨Îļþ¼ÐÀïµÄÎļþ
£¨2£©Ô¶³ÌÓû§»òÕß±¾µØÓû§·ÃÎÊʱÐèÒªÊäÈë·ÃÎÊÃÜÂë
£¨3£©Ô¶³ÌÓû§»òÕß±¾µØÓû§¿½±´Ê±Ò²Í¬ÑùÐèÒª¿½±´ÃÜÂë
£¨4£©²»Ó°Ïì¸ÃĿ¼µÄʹÓã¬Ò²¾ÍÊÇ˵£¬Èç¹ûÔÀ´Î´¼ÓÃÜ֮ǰµÄÎļþ¼ÐÀïÃæÊÇÒ»¶ÎÔ´³ÌÐò£¬Äܹ»Õý³£µÄ±àÒ룬Á´½ÓÉõÖÁÔ¶³Ìµ÷ÊÔ£¬Ï£Íû¼ÓÃܺóÒ²²»Ó°ÏìÕâЩ¹¦ÄÜ
ÎÒ¿´µ½Ò»¸ö´ÅÅ̼ÓÃܵÄÈí¼þ£¬Ò²ÊÇÐÞ¸ÄÄں˵ģ¬µ«ÊÇ»¹²»Ì«Ã÷°×ÔõôÓã¬ÊÇ·ñÄÜÂú×ãÎÒµÄÒªÇó£¬ËùÒÔÔÚÕâÀïÎÊÎʸßÊÖÃÇÓÐûÓмòµ¥µÄ£¬¿ìËٵİ취£¬»òÕßʲô·×Ó¡£ ÓÃϵͳ×Ô´øµÄloop¾Í¿ÉÒÔÍê³É, ²Î¿¼ÕâÀïµÄµÚ¶þ²¿·Ö loop-AES
[url]http://www.linux.com/article.pl?sid=06/03/13/1656228[/url] лл°æÖ÷£¬ÎÒÏÈ¿´¿´£¬ÓÐÎÊÌâÔÙÏòÄãÇë½Ì Roc.Ken°æÖ÷
ÎÒÊÔ×ÅÓÃloop-aes, µ«ÊÇûÓи㶨¡£Äã¸øµÄÁ´½ÓÊÇdebianÀïµÄ·½·¨¡£ÎÒÊÇÖ±½ÓÔÚredhat9ÉÏ×÷µÄ£¬¸ù¾Ý°²×°ËµÃ÷ÖرàÁËÄںˣ¬loop-aesÒ²³É¹¦µØ°²×°£¬µ«ÊÇÔÚʹÓõÄʱºòÌáʾÕÒ²»µ½É豸"/dev/loop7",¿ÉÊÇÎÒ¿´Á˸ÃĿ¼Ï£¬ÓÐloop7Îļþ£¬²»ÖªµÀʲôÔÒò£¬¾ÍÊDz»ÄÜÓã¬Ö¸µãһϣ¬Ð»Ð»¡£ ¿É·ñ¸ø³öÏêϸµÄ³ö´íÐÅÏ¢,
Èç¹ûÊÇredhatϵÁеÄϵͳ, ĬÈϾÍÓÐÕâЩ¼ÓÃÜÓõÄÄ£¿é:
# cat /etc/redhat-release
Red Hat Enterprise Linux AS release 4 (Nahant Update 3)
# modprobe -l blowfish
/lib/modules/2.6.9-34.0.1.ELsmp/kernel/crypto/blowfish.ko
# ls /lib/modules/2.6.9-34.0.1.ELsmp/kernel/crypto
arc4.ko cast5.ko crc32c.ko deflate.ko khazad.ko md5.ko serpent.ko sha512.ko twofish.ko
blowfish.ko cast6.ko crypto_null.ko des.ko md4.ko michael_mic.ko sha256.ko tea.ko wp512.ko
ÒÔ blowfish ΪÀý:
#insmod /lib/modules/2.6.9-34.0.1.ELsmp/kernel/crypto/blowfish.ko ####¼ÓÔØÄ£¿é
# dd if=/dev/urandom of=./encrypt bs=1k count=4096 ####´´½¨Îļþ
# losetup -e blowfish /dev/loop0 ./encrypt ####ºÍloopÉ豸¹ØÁª,²¢ÈÃͨÐżÓÃÜ.
Pass phrase: Your_PASSWORD_HERE ####¼ÇסÃÜÂë,ÒÔºó°²×°¸ÃÎļþϵͳʱÐèÒª.
# mkfs -t ext3 /dev/loop0 #´´½¨Îļþϵͳ
# losetup -d /dev/loop0 #È¥µô¹ØÁª
#mkdir /mnt/myfs
# mount ./encrypt -o loop=/dev/loop0,encryption=blowfish /mnt/myfs -t ext3 #°²×°¼ÓÃܵÄÎļþϵͳ
Password: Your_PASSWORD_HERE
ÒÔºóÄã¾Í¿ÉÒÔÏñʹÓà /home ·ÖÇøÒ»ÑùʹÓÃÕâ¸öÎļþϵͳ, ͬϵͳµÄÆäËûÓû§Ò²¿ÉÒÔÕý³£·ÃÎÊ; ÃÜÂëµÄÏÞÖÆÖ»ÓÐÔÙ¹ÒÔصÄʱºòÉúЧ, ¿ÉÒÔÔÚʹÓÃÍêºó, umountµôÕâ¸öÎļþϵͳ.
mount/umountÐèÒªrootȨÏÞÍê³É,¿ÉÒÔдÔÚsudoersÎļþÖÐ. ÕâƪÎÄÕÂÒ²¿ÉÒԲο¼Ò»ÏÂ
[url]http://man.lupaworld.com/content/manage/ringkee/debian.htm#id2808444[/url] Óй¤¾ßÈí¼þµÄ
Free open-source disk encryption software for Windows XP/2000/2003 and Linux Main Features: Creates a virtual encrypted disk within a file and mounts it as a real disk. Encrypts an entire hard disk partition or a device, such as USB flash drive. Encryption is automatic, real-time (on-the-fly) and transparent. Provides two levels of plausible deniability, in case an adversary forces you to reveal the password: 1) Hidden volume (steganography ¨C more information may be found here). 2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data). Encryption algorithms: AES-256, Blowfish (448-bit key), CAST5, Serpent, Triple DES, and Twofish. Mode of operation: LRW (CBC supported as legacy). Based on Encryption for the Masses (E4M) 2.02a, conceived in 1997. Further information regarding features of the software may be found in the documentation. [url]http://www.truecrypt.org/[/url]
Ò³:
[1]