6. Mounting the encrypted file system

For all operations on the Cryptoloop device, it is important that the necessary modules are loaded. You need to load at least the Cryptoloop module and the modules for each cipher with modprobe. If the features are compiled directly into the kernel, this is not necessary.

In order to mount the encrypted file system created above, you can use the standard mount command from util-linux:

mount -t ext3 /dev/sda1 /mnt/crypto/ -oencryption=aes-256

You will be prompted for the password and the file system will be mounted just as any other. Since the encryption option implies that this is a Cryptoloop filesystem, it will automatically pick an available loopback device.

When you are done, unmount it with:

umount /mnt/crypto

You can add the following line to /etc/fstab:

/dev/sda1               /mnt/crypto     ext3            noauto,encryption=aes-256       0 0

Now you can simply mount the device with:

mount /mnt/crypto

That's it. Have fun.