This site is hosted by SourceForge:
The Linux Encryption-HOWTO Homepage
Hi out there!
Like the document itself, this page is still somewhat preliminary and
serves only one purpose: Making available a web location to refer to
when it comes to telling people where to find it.
The latest version of the HOWTO is v0.2.2 (Oct 04,
2000) and is available here as tarred HTML, DVI or SGML Source. For online readers, I
put the HTML version on the web.
Release Notes for v0.2.2
Maintainance version only. Needed because of the advent of AES in
Release Notes for v0.2.1
This version is a maintainance release only. It updates a bunch of
small things, nothing big, and adds another bunch. I have tried to
incorporate as many suggestions as possible without changing the
document too much. In the light of the massive publicity the Encrytion
HOWTO has attracted for the last two days, I wanted to update the
discussion to the most recent stuff. See ChangeLog
Release Notes for v0.2.0
As everyone can clearly see, this document is still in an evolutionary
process of extension, and probably ever will be, keeping track of new
versions and approaches to encryption for Linux.
The disk encryption section remains for the moment in its v0.1.0
state. The section on network encryption has been greatly enhanced
The discussion of CIPE is now in a publishable state and I've added a
section on general VPN issues, such as routing and various examples.
Missing in the CIPE section is a "tips and tricks" section and a
description on how to use CIPE with dynamic (PPP) links. I want to
play with these items for myself first, before writing about it.
These additions are planned to make it into v0.2.1, which will be
following v0.2.0 very shortly. Another planned thing for 0.2.1 is to
put most of the FAQ stuff back into the loop device encryption
section, into a subsection called "Tips and Tricks". This is done
because I want to make the structuring of the Disk and the Network
section similar to each other and like the CIPE section is now.
I'd really like to see this one at www.linuxdoc.org, but The Linux
HOWTO maintainer has the last word. I am willing to make quite a few
changes to the document to let it slip into the HOWTO collection.
Any feedback and contribution is hereby strongly
encouraged. Finalizing this document will be much work and I am
currently in the process of preparing myself for writing my diploma
thesis in mathematical physics, which will take a year or so to
complete, hence I cannot spare that much time. Also, I have
currently no home network to play with, so testing the network
encryption approaches has to be done in the university, which slows
If you contact me concerning this document, please include the string
"[Encryption-HOWTO]" in the subject of the message. My E-Mail address
can be found at the beginning of the document.
This is Version 0.2.0 of the Linux Encryption HOWTO. It covers disk
encryption approaches, relying on work done by Doobee R. Tzeck (firstname.lastname@example.org) for mostly anything that
has not to do with loop device encryption, and network encryption
appraoches. Currently only CIPE is discussed in detail, but the
section on genral VPN issues may be interesting for users of other VPN
- 0.2.2 (Oct 04,
2000)(HTML.tgz, DVI, SGML)
- Small updates because of AES.
- Encryption-HOWTO now on sourceforge.net
- Updates to the Journalling Q.
- Updates from Sandy Harris regarding FreeS/WAN.
- 0.2.1 (Sep 28,
2000)(HTML.tgz, DVI, SGML)
- Small updates all over the place (IKP 188.8.131.52 now on kernel.org,
CIPE4Win, linux-crypto ml, remount loop bug, --passfd
for losetup and mount, FreeS/WAN 1.5, OpenSSH instead
- Small additions all over the place (VTUN, PPTP, Cipe+Masquerading
- Debian issues when compiling util-linux;
- A new question for Q&A: journaling filesystems (no "A" yet);
- 0.2.0 (Milestone II; Feb 24,
2000)(HTML.tgz, DVI, SGML)
- Added generic section on VPNs;
- Added CIPE section;
- Added minimal glossary;
- Updated IKP discussion to 184.108.40.206;
- Removed "Release Notes" section and part of Section "I've got
nothing to hide";
- Added warning on mount misbehaviour on looped remount; fix by
Andries B. for util-linux will probably fail int-patches?
- 0.1.1 (skipped)
- Adding Glossary;
- Adding section "Notations and Conventions used"
- Fixing a BUG() in section "Making an encrypted folder"
- 0.1.0 (Milestone I; Nov 19,
1999)(HTML.tgz, DVI, SGML)
- Finalizing the current content for submission to the Linux HOWTO
- Adding excuses for the unavailable discussion on
- 0.0.5 (Nov 10, 1999)
- Finished the preliminary
discussion on other disk encryption approaches by incorporating
Doobee. R. Tzeck's document;
- Answered the unanswered Q&A's in the
- 0.0.4 (Sep 5, 1999)
- Added new Q&A's;
- Replaced all /dev/zero's with /dev/urandom's;
- Added "Release
- Added text to the "Other Disk Encryption
- Fixed some BUG()'s in section on installing
- 0.0.3 (Aug 26, 1999)
- Introduced 'Crypto API'
description and goals;
- Changed Alexander Kjeldaas' mail address on
- Changed section 4.2 (Patching losetup and mount) to
"Patching util-linux" and cleared up that discussion, as well as
fixing some BUG()'s;
- Added the first Q&A's to FAQ section.
- Added general crypto discussion;
- Changed section layout;
- Changed version numbering. 0.1.0 will
be first version published (when the chapter on disk encryption has
- First version posted to people.
- Very first version.
created by Marc
Last modified: Oct 04, 2000.