initCommon(); $template->displayHeader(); ?>
11. File Systems
Prev   Next

11. File Systems

[Tip]Latest Release Notes on the Web

These release notes may be updated. Visit http://docs.fedoraproject.org/release-notes/ to view the latest release notes for Fedora.

Fedora 8 provides basic support for encrypted swap partitions and non-root file systems. To use it, add entries to /etc/crypttab and reference the created devices in /etc/fstab.

[Note]Encrypted FS Support Unavailable During Install

Enable file system encryption after installation. Anaconda does not have support for creating encrypted block devices.

The following example shows an /etc/crypttab entry for a swap partition: 

my_swap /dev/sdb1 /dev/urandom swap,cipher=aes-cbc-essiv:sha256

This command creates an encrypted block device /dev/mapper/my_swap, which can be referenced in /etc/fstab. The next example shows an entry for a filesystem volume: 

my_volume /dev/sda5 /etc/volume_key cipher=aes-cbc-essiv:sha256

The /etc/volume_key file contains a plaintext encryption key. You can also specify none as the key file name, and the system instead asks for the encryption key during boot.

The recommended method is to use LUKS for file system volumes. If you are using LUKS you can drop the cipher= declaration in /etc/crypttab).

  1. Create the encrypted volume using cryptsetup luksFormat.

  2. Add the necessary entry to /etc/crypttab.

  3. Set up the volume manually using cryptsetup luksOpen or reboot.

  4. Create a filesystem on the encrypted volume.

  5. Set up an entry in /etc/fstab.

Prev   Next
10. Fedora Desktop Home 12. Mail Servers
displayFooter('$Date: 2007/11/08 03:45:40 $'); ?>