dm-crypt is a device-mapper crypto target.
Version: 0.1dm-crypt is a device-mapper crypto target.
Operating System: Linux
Device-mapper is a new infrastructure in the Linux 2.6 kernel that provides a generic way to create virtual layers of block devices that can do different things on top of real block devices like striping, concatenation, mirroring, snapshotting, etc... The device-mapper is used by the LVM2 and EVMS 2.x tools.
dm-crypt is such a device-mapper target that provides transparent encryption of block devices using the new Linux 2.6 cryptoapi. The user can basically specify one of the symmetric ciphers, a key (of any allowed size), an iv generation mode and then he can create a new block device in /dev. Writes to this device will be encrypted and reads decrypted. You can mount your filesystem on it as usual. But without the key you can't access your data.
It does basically the same as cryptoloop only that it's a much cleaner code and better suits the need of a block device and has a more flexible configuration interface. The on-disk format is also compatible. In the future you will be able to specify other iv generation modes for enhanced security (you'll have to reencrypt your filesystem though).
There is support for dm-crypt in the latest official kernel 2.6.4 which you can find on kernel.org. Please use the mirrors for downloads.
There is a HIGHMEM cryptoapi bug in kernels before 2.6.4-rc2, please upgrade if you were using such a kernel.