сриптик от меня) сырой, но рабоиает) есть немножко другой для блочных устройств. пользуйте
#!/bin/bash
[[ ! -n $1 ]] || [[ -n `echo $* |grep '-help'` ]] && \
echo '
Script for create, open ore close crypto-loop file
cryptloop.sh create loop_file size(M) [key=/path/]
cryptloop.sh open loop_file [key=/path_to_key/]
cryptloop.sh close loop_file
' && exit
loop=$2
size=$3
name="${loop##*/}"
crypt_opt=
for i in `ls -1 /dev/loop{0,1,2,3,4,5,6,7}` ;do
losetup $i >/dev/null 2>&1 || break ;
done;
dev=$i
mount_fs() {
[[ -d /mnt/$name ]] || mkdir /mnt/$name
mount /dev/mapper/$name /mnt/$name && \
echo "Encrypted device mounted in /mnt/$name" && return 0
cryptsetup remove $name && losetup -d $dev
echo "Encrypted device don't mount"
}
case $1 in
create)
if [[ -n `echo $4 |grep key` ]] ;then
key="${4#*=}${name}-k"
dd if=/dev/urandom of=$key count=1
chmod 600 $key
crypt_opt="-v -d $key"
echo "Key: $key"
fi
dd if=/dev/urandom of=$loop bs=1M count=$size
chmod 600 $loop
losetup $dev $loop
cryptsetup $crypt_opt -c aes-cbc-essiv:sha256 -h sha512 --key-size 256 create $name $dev
mkfs.reiserfs /dev/mapper/$name
mount_fs
;;
open)
if [[ -n `echo $3 |grep key` ]] ;then key="${3#*=}${name}-k" ; crypt_opt="-v -d $key" ;fi
losetup $dev $loop
cryptsetup $crypt_opt -c aes-cbc-essiv:sha256 -h sha512 --key-size 256 create $name $dev
mount_fs
;;
close)
for j in `ls -1 /dev/loop{0,1,2,3,4,5,6,7}` ;do
if [[ -n `losetup $j | grep $loop` ]] ;then dev=$j ; break ;fi ;
done
umount -f /mnt/$name && rm -rf /mnt/$name
cryptsetup remove $name
losetup -d $dev
echo "Encrypted file closed"
# test, may remove:
for i in `ls -1 /dev/loop{0,1,2,3,4,5,6,7}` ;do losetup $i 2>/dev/null ;done
;;
esac
