Using directions from Felipe Alfaro Solana, I set up an encrypted home directory in Ubuntu 7.04. I only had one problem, that exhibited an error message as follows:

Command failed: Incompatible libdevmapper 1.02.08 (2006-07-17)(compat) and kernel driver

This was caused by the dm_mod module not being loaded. I fixed it for the session by issuing a  modprobe dm_mod command, and fixed it forever by adding dm_mod to my /etc/modules file.

The commands I used were as follows:

# apt-get install crypsetup dmsetup

# apt-get install libpam-mount

# echo “@include common-pammount” >> /etc/pam.d/common-auth

# echo “@include common-pammount” >> /etc/pam.d/common-session

Generate an AES random encryption key, encrypts it with the user log on password and stores it:

# dd if=/dev/urandom bs=1c count=$((256/8)) | openssl enc -aes-256-ecb > /home/summetj.key

# openssl enc -d -aes-256-ecb -in /home/summetj.key | cryptsetup -c aes -s 256 create crypt-summetj /dev/sda3

(Using my log on password.)

Make a new ext3 filesystem on top of the cryptoloop device:

# mkfs.ext3 /dev/mapper/crypt-summetj

# mkdir /mnt/crypt-summetj
# mount /dev/mapper/crypt-summetj /mnt/crypt-summetj
# chown summetj /mnt/crypt-summetj
# umount /dev/mapper/crypt-summetj
# rmdir /mnt/crypt-summetj

# dmsetup remove crypt-summetj

To test mount the encrypted volume:

# openssl enc -d -aes-256-ecb -in /home/summetj.key | mount.crypt /dev/sda3 /home/summetj -o keysize=256

To unmount it:

#umount /home/summetj 

#dmsetup remove _dev_sda3

Configure pam_mount and you are done:

# echo “volume summetj crypt – /dev/sda3 /home/summetj keysize=256 aes-256-ecb /home/summetj.key” >> /etc/security/pam_mount.conf