From owner-freebsd-security@FreeBSD.ORG  Sun Jan 22 22:40:04 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: Freebsd-security@freebsd.org
Delivered-To: Freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9D62E16A41F
	for <Freebsd-security@freebsd.org>;
	Sun, 22 Jan 2006 22:40:04 +0000 (GMT)
	(envelope-from freebsd@meijome.net)
Received: from sigma.octantis.com.au (ns2.octantis.com.au [207.44.189.124])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0D41043D46
	for <Freebsd-security@freebsd.org>;
	Sun, 22 Jan 2006 22:40:03 +0000 (GMT)
	(envelope-from freebsd@meijome.net)
Received: (qmail 13181 invoked from network); 23 Jan 2006 09:40:01 +1100
Received: from andromeda.lef.com.au (HELO ?10.168.101.24?) (210.8.93.2)
	by sigma.octantis.com.au with (DHE-RSA-AES256-SHA encrypted) SMTP;
	23 Jan 2006 09:40:01 +1100
Message-ID: <43D409B8.6070704@meijome.net>
Date: Mon, 23 Jan 2006 09:39:52 +1100
From: Norberto Meijome <freebsd@meijome.net>
User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: FreeBSD Questions <freebsd-questions@freebsd.org>, 
	Freebsd-security@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: 
Subject: Encrypted volume - how?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Jan 2006 22:40:04 -0000

Hi all,
I'm looking for a way to recreate the functionality of PGP Disk (under 
Win32). Basically, create an encrypted file, which contains a filesystem 
which can then be mounted in any mount point.

I know I can use GELI in FreeBSD 6 - as I understand, it performs the 
encryption at the partition level (the whole partition is encrypted). 
I'd like to be able to simply unmount my 'secure volume', and be able to 
back it up as a whole, or move it to another computer without having to 
repartition the destination. I think GELI wouldn't be good for this.

I think I've read somewhere that you could use openssl to generate an 
encrypted volume and then mount it. I searched for a while and can't 
find any reference to this. Does anyone know how to do this with 
openssl, OR any other tool ?

thanks in advance,
Beto