The officially official Devuan Forum!


#1 2020-12-29 08:27:23

dice
Member
Registered: 2020-11-22
Posts: 131  

cryptsetup encrypted container script

Continued on from here: http://dev1galaxy.org/viewtopic.php?id=4018

Thought I should create a new thread on the nearly complete script I've been working on. Hopefully I've done the right setup for this?

Few more things I need figuring out, how to make the script so that any user is accepted, kind of like maybe a first-run config file that just enters the user name into the correct variable in the script. Fixed by adding $SUDO_USER to the variable. No, logname is better, I read. Not sure about those who use the root account directly, that being [su -]?

Possibly some sort of verbosity with the dd and cryptsetup commands. Possibly allow for different file systems to be used like btrfs, xfs, ntfs etc.

I have created a help section inside the script now so it explains in some detail what I'm trying to accomplish.

I've named it cryptc


#!/bin/sh

###############################################################
# © 2020 WTFPL – Do What the Fuck You Want to Public License. #
#							      #
#		http://www.wtfpl.net/about/                   #
###############################################################

u=$(logname)

crypt_dir () {
	dir="$2"
	mkdir -p /home/"${u}"/"${dir}"
}

crypt_img () {
	outfile="$2"
	blocksize="$3"
	dd if=/dev/urandom of="${outfile}" bs="${blocksize}" count=1 iflag=fullblock
}

crypt_create () {
	img="$2"
	name="$3"
	# cryptsetup attaches its own loop device when given a regular file,
	# so no manual losetup (or scratch file in /tmp) is needed here.
	cryptsetup luksFormat "${img}"
	cryptsetup open "${img}" "${name}"
	mkfs.ext4 /dev/mapper/"${name}"
}

crypt_open () {
	img="$2"
	name="$3"
	cryptsetup open "${img}" "${name}"
}

crypt_mount () {
	name="$2"
	dir="$3"
	mount -t ext4 /dev/mapper/"${name}" /home/"${u}"/"${dir}"
}


crypt_umount () {
	name="$2"
	dir="$3"
	umount /home/"${u}"/"${dir}"
	# Closing the mapping also releases the loop device cryptsetup attached;
	# a hard-coded /dev/loop0 could detach an unrelated device.
	cryptsetup close "${name}"
}

usage () {
    cat <<EOM

Usage:

This is just a simple script to create an encrypted container using dd + cryptsetup + luks and mount it on the user home directory.
All commands are to be run as sudo if not then root user (su) will need to be used. 
This script could be used to keep personal info safe inside an encrypted raw disk image container.
Depends: dd, cryptsetup, e2fsprogs

[-d] make the directory for the container first
sudo cryptc -d <name of directory>
example "sudo cryptc -d my-directory"

[-i] sudo cryptc -i <your.img> <size>
example: "sudo cryptc -i your.img 100M"

[-C] sudo cryptc -C <your.img> <dev-mapper-name>
example: "sudo cryptc -C your.img dev-mapper-name"

[-m] mount to the directory you created for the container from step 1.
sudo cryptc -m <dev-mapper-name> <name-of-directory>
example: "sudo cryptc -m dev-mapper-name my-directory"

[-u] sudo cryptc -u <dev-mapper-name> <name-of-directory>
example: "sudo cryptc -u dev-mapper-name my-directory"

[-o] to open the container again
sudo cryptc -o <your.img> <dev-mapper-name>
example: "sudo cryptc -o your.img dev-mapper-name"

EOM
    exit 0
}

while getopts ":diComuh" opt; do
  case ${opt} in
    d ) crypt_dir "$@"
      ;;
    i ) crypt_img "$@"
      ;;
    C ) crypt_create "$@"
      ;;
    o ) crypt_open "$@"
      ;;
    m ) crypt_mount "$@"
      ;;
    u ) crypt_umount "$@"
      ;;
    h ) usage
      ;;
    \? ) echo "Usage: cmd [-d --create-crypt-directory] [-i --create-img] [-C --create-container] [-o --open-image-container] [-m --mount-container] [-u --unmount-container] [-h --help]"
      ;;
  esac
done

Edited. Ran the script through ShellCheck as per head on a stick's recommendation and updated.

edit 30/12/2020 - can now be installed/uninstalled using make, also included man page.
more details here: https://notabug.org/dice_1/cryptc

Last edited by dice (2020-12-30 07:26:18)


“That which is below is like that which is above, and that which is above is like that which is below, to perform the miracles of one only thing.”

-Hermes Trismegistos
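
On the open question in the post above about which user the script should act for under sudo versus a direct root login, one possible approach is sketched here as an added example; it is not part of dice's script. The function names (invoking_user, user_home, safe_name, crypt_target) are hypothetical, and the example assumes getent is available. Because the script runs as root, it also rejects directory names that could escape the home directory.

```shell
#!/bin/sh
# Added example (not from cryptc): pick the target user and build a safe
# mount point. All function names here are hypothetical.

# Print the user the script should act for: sudo exports SUDO_USER,
# logname reports the login session, id -un is the fallback (root login).
invoking_user () {
	if [ -n "${SUDO_USER:-}" ]; then
		printf '%s\n' "${SUDO_USER}"
	elif lu=$(logname 2>/dev/null) && [ -n "${lu}" ]; then
		printf '%s\n' "${lu}"
	else
		id -un
	fi
}

# Print the home directory from the passwd database rather than
# assuming /home/<user> (root's home, for one, is elsewhere).
user_home () {
	getent passwd "$1" | cut -d: -f6
}

# Succeed only for a single path component made of safe characters:
# no slashes, no "." or "..", no leading dash, not empty.
safe_name () {
	case "$1" in
		''|.|..|-*|*[!A-Za-z0-9._-]*) return 1 ;;
		*) return 0 ;;
	esac
}

# Print <home>/<dir>, or fail if either part is unusable.
crypt_target () {
	home="$1"
	dir="$2"
	safe_name "${dir}" || { echo "invalid directory name: ${dir}" >&2; return 1; }
	[ -n "${home}" ] && [ -d "${home}" ] || { echo "no home directory: ${home}" >&2; return 1; }
	printf '%s/%s\n' "${home}" "${dir}"
}
```

In the script this would replace the fixed /home/"${u}" prefix, for example target=$(crypt_target "$(user_home "$(invoking_user)")" "$2") || exit 1.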
