Virtual Space / Encrypted Container over ssh

What about a virtual filesystem which is encrypted like TrueCrypt? Well that’s easy on Linux.
In the last step we even do this on a remote host with ssh. So in this case we have a remote backup.
But the other site can’t do anything with the file, it only looks like a big and it is encrypted.

Let’s begin local:

  • Let’s create a container:dd if=/dev/urandom of=Container count=1 bs=10M
    A file filled with random data with the size of 10Mb is created. If you want to speed up the process, you could use io=/dev/zero
  • Create a loopback device
    losetup /dev/loop1 Container
  • Format the container (ext2 in this case, of course you can use ext3/4)mkfs /dev/loop1
  • Mount the container, so we can use it to store data in
    mkdir /media/virtalspace
    mount /dev/loop1 /media/virtualspace

After mounting, you can access this virtual filesystem just as usual. Well a backup is not a backup when it’s on the same drive.

So at least do this on a USB drive/stick or something. But what if you want to make backups at the linux-server at your friends place?
Of course you trust your friend, but just to be sure we are going to encrypt the container.

We need a ssh connection and some extra packages from EPEL for this. We are using sshfs (ssh filesystem) for this.

Install fuse-sshfs, for CentOS with yum install fuse-sshfs. After this do:

  • mkdir /media/remote_sshfs
  •  sshfs [USER]@[HOST]:/home/[user]/backup /media/remote_sshfs
    /home/user/backup needs to be there and has the right permissions.
    Supply your password and that’s it. A remote filesystem over ssh.

Now we are going to make the backup container/filesystem on the remote side:

  • dd -io=/dev/urandom if=/media/remote_sshfs/backup-container count=1 bs=10M
    Ofcourse 10Mb is not much for a backup, just play with it and use a large file later.
  • TIP as it seems you have ssh access, create the file on the other side by logging in, as it takes (a long) time to create the file.