Dm-crypt: Difference between revisions
Jump to navigation
Jump to search
(→plain) |
|||
| Line 19: | Line 19: | ||
==plain== | ==plain== | ||
"plain" <tt>dm-crypt</tt> mode is the original kernel functionality and does not employ the convenience layer. | |||
=cryptsetup= | =cryptsetup= | ||
Revision as of 07:07, 24 December 2018
Externa
Internal
Overview
dm-crypt is standard device mapper encryption functionality provided by the Linux kernel. The management of dm-crypt is done with cryptsetup userspace utility. dm-crypt allows for the following block-device encryption modes: LUKS and plain.
Block-Device Encryption Types
LUKS
LUKS dm-crypt mode, used by default, is an additional convenience layer that stores all of the needed setup information for dm-crypt on the encrypted disk itself and abstracts partition and key management in an attempt to improve eas of use and cryptographic security.
plain
"plain" dm-crypt mode is the original kernel functionality and does not employ the convenience layer.
cryptsetup
cryptsetup is the userspace utility used to manage the dm-crypt encryption functionality.