Bitcoin Forum>Bitcoin>Development & Technical Discussion
Author

Topic: using ecryptfs to protect your wallet (Read 1426 times)

theymos
administrator
Activity: 5166
Merit: 12850
using ecryptfs to protect your wallet
October 21, 2010, 05:29:04 PM
#2
I use dm-crypt. You must be root to mount the encrypted device. You can use a file-based container with a loop device.

My mount script:
Code:
losetup /dev/loop0 /encrypted

HASH=`hashalot -s salt sha256 | hexdump -e '32/1 "%02x"'`
echo 0 `blockdev --getsize /dev/loop0` crypt aes-cbc-essiv:sha256 \
$HASH 0 /dev/loop0 0 | dmsetup create hidden

Unmount:
Code:
dmsetup remove hidden && losetup -d /dev/loop0
grondilu
legendary
Activity: 1288
Merit: 1076
Re: using ecryptfs to protect your wallet
October 21, 2010, 03:48:54 PM
#1
I guess this could be in the wiki but I post it here first.

I've recently looked for a free alternative to TrueCrypt.

On my Debian system, I've found ecryptfs.  It seems nice because it doesn't require you to encrypt a whole partition.

First, install the package :

apt-get install ecryptfs-utils

Then, create a ~/Private directory.

Setup this directory as your encrypted directory with the command :

ecryptfs-setup-private

(you may need to load the ecryptfs module with modprobe or something)

You will be prompted for your login password and for a optionnal mount password.  Using only your login password is easier since it will save you the typing of an additionnal password.

Relog.

Move your wallet.dat file in your Private directory, and make a symlink :

mv .bitcoin/wallet.dat Private
ln -s $HOME/Private/wallet.dat .bitcoin

That's about it.

You can unmount your private dir with the ecryptfs-umount-private command.

This directory can be used for other sensitive files, such as .fetchmailrc, .ssh/id_dsa, .gnupg and so on.



Bitcoin Forum>Bitcoin>Development & Technical Discussion
Jump to: