Table of contents Up Previous Next Glossary Home   Creating Containers  

Creating new container

Top  

Creating container is storage space reservation for your encrypted data. After being created, BestCrypt container can not be resized. BestCrypt container can reside either in

  • file
    or on
  • raw block device.
From user's point of view container file and container on raw block device differ on creation stage only. The only difference is that BestCrypt automatically uses entire raw block device storage for container, while file size should be specified. All subsequent BestCrypt operations do not differ these two cases.

In order to create new container following command should be used. You will be prompted to set and verify password for your container. BestCrypt allows passwords from 8 up to 128 characters length.

Creating container file:
bctool new -a algorithm_name -s size [-d description] [-v] filename
or
bcnew -a algorithm_name -s size [-d description] [-v] filename

Creating container on raw block device:
bctool new -a algorithm_name [-d description] [-v] devname
or
bcnew -a algorithm_name [-d description] [-v] devname

where  
-a algorithm_name encryption algorithm name (refer to /etc/bc.conf)
-s size container size in bytes, Kilobytes, Megabytes or Gigabytes e.g. 1000, 10K, 1M, 1G
-d description free form container description
filename new container filename
devname existing block device name or symbolic link to block device
-v verbose output
 
In this example 100MByte container named secret_data encrypted with Blowfish algorithm is created; secrets is a public description of this container.

[foo@bar ]$ bctool new secret_data -s 100M -a BlowFish -d secrets
Enter password: <password will not be displayed>
Verify password: <password will not be displayed>
[foo@bar ]$
 
In this example /dev/hdc1 block device is initialized for encryption with Blowfish algorithm. See also: Encrypted Floppy.

[foo@bar ]$ bctool new /dev/hdc1 -a BlowFish -d secrets
Warning: All data on specified block device will be lost! Continue? (y/[n]):y
Enter password: <password will not be displayed>
Verify password: <password will not be displayed>
[foo@bar ]$

Formatting container

Top  

In order to store your files a freshly created container must be formatted. Containers may be formatted with any filesystem supported by your system.

Containers and filesystems limitations should be taken into account when choosing filesystem type.
It also should be noted that after formatting container all previous data stored in container will be lost.

'Format' command syntax follows. This operation requires container password.

bctool format [-t filesystem-type] filename
or
bcformat [-t filesystem-type] filename

where
-t filesystem_type standard filesystem name, e.g. msdos(default), ext2, minix
filename container filename
 
Here secret_data container is formatted using ext2 filesystem.

[foo@bar ]$ bctool format secret_data -t ext2
Enter password: <password will not be displayed>
[foo@bar ]$

Notes:

  • in order to format container with filesystem X, mkfs.X utility is needed

Creating hidden part in container

Top  

Hidden part of container is data concealment technology provided by BestCrypt.

Please make sure that you do exactly know what hidden part is and you are familiar with all limitations and possible consequences. Hasty usage of this command may lead to data loss.

There must be at least one free password slot in container. If you have filled all 7 slots using bctool add_passwd command, you will not be able to create hidden part.

Hidden part creation syntax follows. This operation requires container password. Hidden part passwords are allowed from 8 up to 128 characters length.

bctool make_hidden filename size

where
filename container filename
size size of hidden part in bytes, Kilobytes, Megabytes or % percents.
 
In this example hidden part is created inside secret_data container.

[foo@bar ]$ bctool make_hidden 50%
Enter existing password: <password will not be displayed>
Enter hidden part password: <password will not be displayed>
Verify hidden part password: <password will not be displayed>
[foo@bar ]$

Notes:

  • Do not forget to format hidden part of container.

 

  Table of contents Up Previous Next Glossary Home   Top