This mini demo project demonstrates how to work with an encrypted filesystem image, with applications for VMs and securing Docker volumes. It provides a justfile with short commands that let you easily create, mount, and unmount an encrypted image file. This is only a toy project for demonstration purposes and is intended to act as a reference for the commands you would actually work with.
This project contains a nix flake which can be used to install just into an ephemeral developer environment. If you do not have/do not wish to use nix, you may also install just directly using a package manager of your choice.
If you have nix installed on your machine with flakes enabled, you can either reference the flake directly from the GitHub URL or clone the repo and run nix develop locally.
Flake command:
nix develop github:freylyons/Encrypted-Disk-Image-File-Demo
Clone command:
git clone https://github.com/freylyons/Encrypted-Disk-Image-File-Demo;
cd Encrypted-Disk-Image-File-Demo;
nix develop;
After installing just on your machine:
git clone https://github.com/freylyons/Encrypted-Disk-Image-File-Demo;
cd Encrypted-Disk-Image-File-Demo;
There are 4 commands: init, mount, unmount, status
To use these commands, write just before them (e.g. just init).
init - This will first create an empty file and use cryptsetup luksFormat to encrypt it with LUKS. It will then use cryptsetup open to map the file it creates to a block device, which unlocks the encrypted file and makes it accessible through that device. Once this is done, it formats the device as an EXT4 filesystem, which for all intents and purposes makes it a usable device. For the sake of convenience, it will then perform a first mount and clean up the permissions of the mountpoint for you.
mount - This will first map the image file to a block device, before mounting it at the local mountpoint.
unmount - This will unmount the block device and then dereference it / lock the image file.
status - Although the above 2 commands provide some hints on how to check what they have done, this is just a nice helper command to show you the state of the mountpoint and the block device at any given time, for debugging etc.
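The four steps described above, written out as a shell sketch. This is an added example, not the project's justfile: the variable names, the img_* function names, the default paths, the 64 MB size and the use of truncate to create the empty file are all assumptions. It defaults to a dry run that only prints each command; set DRY_RUN=0 to execute them, which needs root and prompts for a passphrase.

```shell
#!/bin/sh
# Added example: LUKS image-file lifecycle (init, mount, unmount, status).
# IMG, NAME, MNT, SIZE_MB, DRY_RUN and the img_* names are assumptions.
IMG="${IMG:-./encrypted.img}"   # backing file that holds the LUKS container
NAME="${NAME:-demo_crypt}"      # mapping name, appears as /dev/mapper/$NAME
MNT="${MNT:-./mnt}"             # local mountpoint
SIZE_MB="${SIZE_MB:-64}"        # image size; must leave room for the LUKS header
DRY_RUN="${DRY_RUN:-1}"         # 1 = print commands only, 0 = execute them

run() {  # print the command; execute it only when DRY_RUN=0
  printf '%s\n' "$*"
  [ "$DRY_RUN" = 1 ] || "$@"
}

img_init() {
  # luksFormat destroys existing data, so never reuse an existing file
  if [ -e "$IMG" ]; then echo "refusing to overwrite $IMG" >&2; return 1; fi
  run truncate -s "${SIZE_MB}M" "$IMG" &&            # empty backing file
  run sudo cryptsetup luksFormat "$IMG" &&           # write LUKS header, set passphrase
  run sudo cryptsetup open "$IMG" "$NAME" &&         # unlock and map to a block device
  run sudo mkfs.ext4 "/dev/mapper/$NAME" &&          # filesystem inside the container
  run mkdir -p "$MNT" &&
  run sudo mount "/dev/mapper/$NAME" "$MNT" &&       # first mount
  run sudo chown "$(id -u):$(id -g)" "$MNT"          # hand the mountpoint to the user
}

img_mount() {
  run sudo cryptsetup open "$IMG" "$NAME" &&
  run mkdir -p "$MNT" &&
  run sudo mount "/dev/mapper/$NAME" "$MNT"
}

img_unmount() {
  # umount alone leaves the mapping open; close it to lock the image
  run sudo umount "$MNT" &&
  run sudo cryptsetup close "$NAME"
}

img_status() {
  run findmnt "$MNT"                  # is the mountpoint in use?
  run sudo cryptsetup status "$NAME"  # is the mapping active?
}

# Optional dispatch: sh thisfile.sh init|mount|unmount|status
case "${1:-}" in init|mount|unmount|status) "img_$1" ;; esac
```

Until cryptsetup close has run, the decrypted contents remain readable through /dev/mapper, so an unmount that stops after umount does not lock the image.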