2

I want to create an encrypted LUKS Container:

# dd if=/dev/random of=pvt.img bs=1M count=512
# cryptsetup -y luksFormat pvt.img

WARNING!
========
This will overwrite data on pvt.img irrevocably.

Are you sure? (Type uppercase yes): YES
Enter passphrase:
Verify passphrase:
Cannot find a free loopback device.
Device pvt.img doesn't exist or access denied.

# ls /dev/loop*
ls: cannot access '/dev/loop*': No such file or directory

I don't have any loop devices (don't know why - this is a VPS), so I tried to create one manually:

# mknod /dev/loop0 b 7 0
# ls -l /dev/loop0
brw-r--r-- 1 root root 7, 0 Jan  7 14:51 /dev/loop0

However when I try it again the same error occurs.

What's the problem here?

Improve this question
9
  • Why are you trying to create an image file containing 512MB of random data? Are you going to use this to pad out an EFI boot partition before the luks one or something? If you just want a chunk of encrypted disk space there's no need to do this first. It's not clear what you're trying to achieve. Commented Jan 7, 2017 at 15:19
  • Hi, i want to create an encrypted container (=file, not a partition), therefore i'm allocating a new file with size 512MB, which will be my container, i could also have used if=/dev/null, doesn't matter Commented Jan 7, 2017 at 15:39
  • i followed the tutorial in digitalocean.com/community/tutorials/… Commented Jan 7, 2017 at 15:40
  • Ah. I see! Sorry for my earlier post sounding a bit snotty. Don't know what came over me. I've just tried what you're trying to do on my laptop and it works no problem, so as you rightly assume it must be something to do with the way that the block devices on the VPS are set up. Commented Jan 7, 2017 at 17:08
  • When I mount the luks file on my laptop it maps to /dev/loop0 I'm using Fedora, so maybe the default setup in Fedora is to enable loop0 device and it's missing from the VPS? I'm sorry that I can't help much more than that. Although I might try it on an Amazon EC2 instance. Commented Jan 7, 2017 at 17:11

2 Answers 2

Reset to default
3

It's possible that your system lacks the driver for loop devices. Normally the devices /dev/loop* would be created by udev when the driver is loaded; creating the /dev entries manually won't help since the driver is not there.

Check if /sys/module/loop exists. If it doesn't, then the loop device driver is not loaded. It may be available as a module: try modprobe loop. If that doesn't help then your VPS is set up without the loop module, which is technically possible but strikes me as a strange choice from the VPS service.

It's also possible that the loop driver is present but for some reason (likely a misconfiguration somewhere) the device /dev/loop-control is not present. This device is used to assign loop devices dynamically.

mknod -m 660 /dev/loop-control c 10 237
Improve this answer
3
  • Thanks for the answer, /sys/module/loop does not exist, modprobe loop results in an error (Module loop not found in directory /lib/modules/4.4.0-042stab120.11), /dev/loop-control also doesn't exist and the mknod command doesn't help (distro is Ubuntu 16.04.1 LTS) Commented Jan 10, 2017 at 10:29
  • @lukstei I think you're working in a virtualized environment where you aren't allowed to load new drivers (you don't have actual root access, the kernel is shared between all the containers). So you'd have to contact your host provider, and perhaps to upgrade to a higher level of service. Commented Jan 10, 2017 at 10:36
  • that could be possible because it's a low cost service Commented Jan 10, 2017 at 10:52
0

I created an Amazon EC2 instance and tried what you are wanting to do. It worked without any loop errors.

Here are the steps I took:

dd if=/dev/zero of=test2 bs=1M count 512  : create 512MB blank file

sudo cryptsetup luksFormat test2      : asks for confirmation and passphrase

sudo mkdir /mnt/tmp                   : create a mount point

sudo chown -R ubuntu:ubuntu /mnt/tmp  : make sure I can write to mount point

sudo cryptsetup luksOpen test2  somename  : open luks container with a name

sudo mkfs.ext2 /dev/mapper/somename : create a filesystem in the luks container

sudo mount /dev/mapper/somename /mnt/tmp : mount containter, so it can be used

touch /mnt/tmp/MYTESTFILE   : create arbitrary file in container

echo "Some data to be double sure it works" > /mnt/tmp/MYTESTFILE : add content
________________________________________________________
Reboot the VPS, then after reboot log back in and check:
________________________________________________________

sudo cryptsetup luksOpen test2  somename   : open new container again

sudo mount /dev/mapper/somename /mnt/tmp   : mount it

ls /mnt/tmp                               : should see MYTESTFILE here

cat /mn/tmp/MYTESTFILE                    : show the data put in the file earlier
Improve this answer
7
  • The device mapper on an Amazon EC2 VPS seems to be set up just like a home system. Maybe the problem you are having with loop0 device isn't necessary: just use the device mapper on the remote operating system to map any encrypted devices you create. This is what happens normally on a home system. Commented Jan 7, 2017 at 17:59
  • You ran cryptsetup luksFormat twice, and sudo wasn't required? Which commands were actually successful? Maybe cleaning up your answer, with a little output & comments, would be more helpful Commented Jan 8, 2017 at 11:28
  • I rushed the answer, yes. I will clean it up when I have time. Commented Jan 8, 2017 at 23:36
  • I have cleaned up my answer. It's not exactly addressing the original problem but I hope it gives a pointer to how it can be done. Commented Jan 9, 2017 at 18:20
  • Thanks for the answer, the cryptsetup luksFormat command doesn't work for me, I'm not using Amazon EC2.. Commented Jan 10, 2017 at 10:30

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.