-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2007-04-24 at 10:17 +0200, Ludwig Nussel wrote:
I don't know how to encrypt an iso image.
The encryption procedure I know is:
dd if=/dev/zero of=crypta.file bs=1M count=4482 losetup -T -e twofish256 /dev/loop1 crypta.file mkfs -L "EncriptedBackup" -t xfs /dev/loop1 mount -t xfs /dev/loop1 /mnt/tmp
I don't know how i can adapt mkisofs so that it creates an encrypted image.
# mkisofs -J -r -o img.iso stuff # cp img.iso img.iso.crypted # losetup /dev/loop0 img.iso.crypted # cryptsetup-twofish256 foo /dev/loop0 # cp img.iso /dev/mapper/foo # dmsetup remove foo # losetup -d /dev/loop0
Ahhh... ahhh... clap! (mouth hanging open and being manually shut). (didn't notice that part of the answer, Pine shows the lines starting with "#" in blue the same as those with ">") I will have to try that procedure one day... But I have to say that my procedure is faster. Once I have created the initial XFS image, all I do is: - mount it on a loop (R/W) - copy over those files I want - umount - burn. - mount "normally" (modified fstab line) The image remains there for reuse many times, encrypted. The iso image has to be created each time taking care of the maximum size, and then needs a second encrypted image. In disk I have to keep one non encrypted iso image at least part of the time. Frankly, I seem to prefer XFS dvds to ISO dvds (encrypted or plain). I can "create" them with normal tools, moving or copying files, as the image is read/write and isos are not: size has to be calculated. The obvious snag is that they are not portable, but so what? ;-) The second non obvious snag is that the XFS image can not be mounted at the same time as the burned DVD: they have the same UUID. Unless there is another problem with them I'm unaware of, of course.
...
It works! Wow, thanks!
Good to hear. Thanks for testing!
Welcome! :-) - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGOG7rtTMYHG2NR9URApJsAJ42y/m1jIfj0Obz5QSRnnIWeYU+/QCfQeWK 7g0ab8UVbjbqHTh3/pJGegY= =SM9m -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org