current community

your communities

more stack exchange communities

company blog
Stack Exchange Inbox Reputation and Badges
tour help
Unix & Linux Stack Exchange is a question and answer site for users of Linux, FreeBSD and other Un*x-like operating systems. Join them; it only takes a minute:

Sign up
Here's how it works:
  1. Anybody can ask a question
  2. Anybody can answer
  3. The best answers are voted up and rise to the top
up vote 1 down vote favorite

I want to create an encrypted LUKS Container:

# dd if=/dev/random of=pvt.img bs=1M count=512
# cryptsetup -y luksFormat pvt.img

WARNING!
========
This will overwrite data on pvt.img irrevocably.

Are you sure? (Type uppercase yes): YES
Enter passphrase:
Verify passphrase:
Cannot find a free loopback device.
Device pvt.img doesn't exist or access denied.

# ls /dev/loop*
ls: cannot access '/dev/loop*': No such file or directory

I don't have any loop devices (don't know why - this is a VPS), so I tried to create one manually:

# mknod /dev/loop0 b 7 0
# ls -l /dev/loop0
brw-r--r-- 1 root root 7, 0 Jan  7 14:51 /dev/loop0

However when I try it again the same error occurs.

What's the problem here?

share|improve this question
    
Why are you trying to create an image file containing 512MB of random data? Are you going to use this to pad out an EFI boot partition before the luks one or something? If you just want a chunk of encrypted disk space there's no need to do this first. It's not clear what you're trying to achieve. – bitofagoob Jan 7 at 15:19
    
Hi, i want to create an encrypted container (=file, not a partition), therefore i'm allocating a new file with size 512MB, which will be my container, i could also have used if=/dev/null, doesn't matter – lukstei Jan 7 at 15:39
    
i followed the tutorial in digitalocean.com/community/tutorials/… – lukstei Jan 7 at 15:40
    
Ah. I see! Sorry for my earlier post sounding a bit snotty. Don't know what came over me. I've just tried what you're trying to do on my laptop and it works no problem, so as you rightly assume it must be something to do with the way that the block devices on the VPS are set up. – bitofagoob Jan 7 at 17:08
    
When I mount the luks file on my laptop it maps to /dev/loop0 I'm using Fedora, so maybe the default setup in Fedora is to enable loop0 device and it's missing from the VPS? I'm sorry that I can't help much more than that. Although I might try it on an Amazon EC2 instance. – bitofagoob Jan 7 at 17:11
up vote 3 down vote

It's possible that your system lacks the driver for loop devices. Normally the devices /dev/loop* would be created by udev when the driver is loaded; creating the /dev entries manually won't help since the driver is not there.

Check if /sys/module/loop exists. If it doesn't, then the loop device driver is not loaded. It may be available as a module: try modprobe loop. If that doesn't help then your VPS is set up without the loop module, which is technically possible but strikes me as a strange choice from the VPS service.

It's also possible that the loop driver is present but for some reason (likely a misconfiguration somewhere) the device /dev/loop-control is not present. This device is used to assign loop devices dynamically.

mknod -m 660 /dev/loop-control c 10 237
share|improve this answer
    
Thanks for the answer, /sys/module/loop does not exist, modprobe loop results in an error (Module loop not found in directory /lib/modules/4.4.0-042stab120.11), /dev/loop-control also doesn't exist and the mknod command doesn't help (distro is Ubuntu 16.04.1 LTS) – lukstei Jan 10 at 10:29
    
@lukstei I think you're working in a virtualized environment where you aren't allowed to load new drivers (you don't have actual root access, the kernel is shared between all the containers). So you'd have to contact your host provider, and perhaps to upgrade to a higher level of service. – Gilles Jan 10 at 10:36
    
that could be possible because it's a low cost service – lukstei Jan 10 at 10:52
up vote 0 down vote

I created an Amazon EC2 instance and tried what you are wanting to do. It worked without any loop errors.

Here are the steps I took:

dd if=/dev/zero of=test2 bs=1M count 512  : create 512MB blank file

sudo cryptsetup luksFormat test2      : asks for confirmation and passphrase

sudo mkdir /mnt/tmp                   : create a mount point

sudo chown -R ubuntu:ubuntu /mnt/tmp  : make sure I can write to mount point

sudo cryptsetup luksOpen test2  somename  : open luks container with a name

sudo mkfs.ext2 /dev/mapper/somename : create a filesystem in the luks container

sudo mount /dev/mapper/somename /mnt/tmp : mount containter, so it can be used

touch /mnt/tmp/MYTESTFILE   : create arbitrary file in container

echo "Some data to be double sure it works" > /mnt/tmp/MYTESTFILE : add content
________________________________________________________
Reboot the VPS, then after reboot log back in and check:
________________________________________________________

sudo cryptsetup luksOpen test2  somename   : open new container again

sudo mount /dev/mapper/somename /mnt/tmp   : mount it

ls /mnt/tmp                               : should see MYTESTFILE here

cat /mn/tmp/MYTESTFILE                    : show the data put in the file earlier
share|improve this answer
    
The device mapper on an Amazon EC2 VPS seems to be set up just like a home system. Maybe the problem you are having with loop0 device isn't necessary: just use the device mapper on the remote operating system to map any encrypted devices you create. This is what happens normally on a home system. – bitofagoob Jan 7 at 17:59
    
You ran cryptsetup luksFormat twice, and sudo wasn't required? Which commands were actually successful? Maybe cleaning up your answer, with a little output & comments, would be more helpful – Xen2050 Jan 8 at 11:28
    
I rushed the answer, yes. I will clean it up when I have time. – bitofagoob Jan 8 at 23:36
    
I have cleaned up my answer. It's not exactly addressing the original problem but I hope it gives a pointer to how it can be done. – bitofagoob Jan 9 at 18:20
    
Thanks for the answer, the cryptsetup luksFormat command doesn't work for me, I'm not using Amazon EC2.. – lukstei Jan 10 at 10:30

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.