How to mount a partition by specifying block range instead of partition on Linux?
It is possible with non-encrypted filesystem. E.g if your partition starts at the sector 34607104
and the sector size is 512
, you go with:
mount -o offset=$((512*34607104)) /dev/sdX /mnt/foo/
The partition table entry may not exist, it doesn't matter. mount
will examine the filesystem and do its job (you can help with -t
switch).
I don't know much about dm-crypt plain but it appears you should decrypt the device (partition) first, then mount. Michael Kjörling's comment is useful:
You want
losetup
and particularly its--offset
and--sizelimit
switches. Once you have a loopback device configured, you should be able to mount it normally.
I would change the last words to "decrypt it normally" to fit your needs.
There is also dmsetup
tool. It allows you to create a mapped device from chunks of various files/devices. E.g. you can hide your encrypted "partition" in several gaps between normal partitions inside one or more HDDs. Read my answer to another question and study man dmsetup
. Make your /dev/mapper/barbaz
franken-partition and have fun with plain encryption on it.
Hint: in the said answer I use losetup
to create devices from files because dmsetup
doesn't work with regular files. You will work with already existing devices. Use their /dev/something
paths when building the map for dmsetup
– no need for losetup
in this case.
Related videos on Youtube
![galva](https://i.stack.imgur.com/q6V34.jpg?s=256&g=1)
Comments
-
galva almost 2 years
Dear Linux super users,
I'd like to mount a filesystem that whose range I would like to ommit from the partition table in order to hide it from anyone looking for data on my disk.
This capability together with volatile/non-fstab mounts and dm-crypt plain would make my data very secure from people who are interested in my data or the possibility of data being there at all.
Is this possible with
mount(8)
?-
user over 7 yearsYou want
losetup
and particularly its--offset
and--sizelimit
switches. Once you have a loopback device configured, you should be able to mount it normally. -
dirkt over 7 yearsThat may fool someone not looking very closely, but anyone using
binwalk
or scanning for file system signatures in some other way would find it easily, encrypted or not. Security by obscurity can buy you time, but it doesn't make it safer. -
Kamil Maciorowski over 7 years@dirkt I disagree about
binwalk
and signatures. Contrary to LUKS, dm-crypt plain mode does not require a header on the encrypted device [...] encrypted disk that will be indistinguishable from a disk filled with random data, which could allow deniable encryption. (Source). -
Ravindra Bawane over 7 years@dirkt Security-through-obscurity can only buy you time, but that does not mean it is not part of a valid security system. Knowing its purposes and using it appropriately can increase general system security and it should not be downplayed.
-
-
galva over 7 years1. Good tip about dmsetup! 2. I knew about losetup, but didn't know it can do devices too! So thanks @Michael too!