Table of contents Up Previous Next Glossary Home   Advanced Features  

Linking container to device

Top  

Warning: this command is intended for experienced users only; if unsure do not use it.

The 'Link' command allows BestCrypt containers to be accessed as conventional block devices, without mounting the container's filesystem. Container linking should be used only when other BestCrypt functions do not satisfy your requirements (e.g. advanced operation on container's data required on block device level such as file undeletion or advanced 'fsck'). You can obviously mount the block device of the linked container, but 'bctool mount' command is recommended for everyday use.

Container 'link' operation syntax follows. You will be prompted for container's password to perform this operation unless -p option specified.

bctool link filename devname

where
filename container filename
devname BestCrypt block device name. BestCrypt devices a usually named /dev/bcrypt0, /dev/bcrypt1 and so on.
 
This is an example of linking secret_data container to /dev/bcrypt0 device.

[foo@bar ]$ bctool link secret_data /dev/bcrypt0
<now you can access secret_data container as raw device via /dev/bcrypt0>
[foo@bar ]$

Notes:

  • If you are using 2.2.x or 2.3.x kernel, BestCrypt devices have major number 7 (0x07) and minors starting from 128 (0x80).
  • If you are using 2.4.x kernel, BestCrypt devices have major number 188 (0xBC) and minors starting from 0.

Unlinking previously linked container from device

Top  

Warning: this command is intended for experienced users only; if unsure do not use it.

In order to unlink previously linked container from block device, 'unlink' command should be used. Note that 'unlink'ing containers mounted with 'bctool mount' command is very dangerous. 'Unlink' command syntax follows:

bctool unlink devname

where
devname BestCrypt block device name. BestCrypt devices a usually named /dev/bcrypt0, /dev/bcrypt1 and so on.
 
Here is example of unlinking container from /dev/bcrypt0 BestCrypt device.

[foo@bar ]$ bctool unlink /dev/bcrypt0
[foo@bar ]$

Raw mode link to device

Top  

Warning: this command is intended for experienced users only; if unsure do not use it.

Raw mode link function allows any continuous file or block device to be linked to BestCrypt device. This may be useful for temporary storage such as swap space encryption. In order to make raw mode link more secure, random password option is implemented. Warning! Raw mode link ignores BestCrypt container's header. If you will link container in raw mode, all container data may be destroyed.

Files linked in raw mode should be unlinked by bctool unlink command

bctool raw_link filename devname -a algorithm [-p]

where
filename name of continuous file or block device
devname BestCrypt block device name. BestCrypt devices a usually named /dev/bcrypt0, /dev/bcrypt1 and so on.
algorithm Encryption algorithm to be used.
[-p] generate random password (optional)
 
Here is example of swap space encryption using raw mode linking container to /dev/bcrypt0 BestCrypt device.

[foo@bar ]$ bctool raw_link /dev/hdc4 /dev/bcrypt0 -a blowfish -p
[foo@bar ]$ mkswap /dev/bcrypt0
[foo@bar ]$ swapon /dev/bcrypt0
[foo@bar ]$

Notes:

 

  Table of contents Up Previous Next Glossary Home   Top