How to mount a partition by specifying block range instead of partition on Linux?

linux partitioning mount

6,158

It is possible with non-encrypted filesystem. E.g if your partition starts at the sector 34607104 and the sector size is 512, you go with:

mount -o offset=$((512*34607104)) /dev/sdX /mnt/foo/

The partition table entry may not exist, it doesn't matter. mount will examine the filesystem and do its job (you can help with -t switch).

I don't know much about dm-crypt plain but it appears you should decrypt the device (partition) first, then mount. Michael Kjörling's comment is useful:

You want losetup and particularly its --offset and --sizelimit switches. Once you have a loopback device configured, you should be able to mount it normally.

I would change the last words to "decrypt it normally" to fit your needs.

There is also dmsetup tool. It allows you to create a mapped device from chunks of various files/devices. E.g. you can hide your encrypted "partition" in several gaps between normal partitions inside one or more HDDs. Read my answer to another question and study man dmsetup. Make your /dev/mapper/barbaz franken-partition and have fun with plain encryption on it.

Hint: in the said answer I use losetup to create devices from files because dmsetup doesn't work with regular files. You will work with already existing devices. Use their /dev/something paths when building the map for dmsetup – no need for losetup in this case.

6,158

galva

see the links on the right

Updated on September 18, 2022

Comments

galva almost 2 years

Dear Linux super users,

I'd like to mount a filesystem that whose range I would like to ommit from the partition table in order to hide it from anyone looking for data on my disk.

This capability together with volatile/non-fstab mounts and dm-crypt plain would make my data very secure from people who are interested in my data or the possibility of data being there at all.

Is this possible with mount(8)?
- user over 7 years
  
  You want losetup and particularly its --offset and --sizelimit switches. Once you have a loopback device configured, you should be able to mount it normally.
- dirkt over 7 years
  
  That may fool someone not looking very closely, but anyone using binwalk or scanning for file system signatures in some other way would find it easily, encrypted or not. Security by obscurity can buy you time, but it doesn't make it safer.
- Kamil Maciorowski over 7 years
  
  @dirkt I disagree about binwalk and signatures. Contrary to LUKS, dm-crypt plain mode does not require a header on the encrypted device [...] encrypted disk that will be indistinguishable from a disk filled with random data, which could allow deniable encryption. (Source).
- Ravindra Bawane over 7 years
  
  @dirkt Security-through-obscurity can only buy you time, but that does not mean it is not part of a valid security system. Knowing its purposes and using it appropriately can increase general system security and it should not be downplayed.
galva over 7 years

1. Good tip about dmsetup! 2. I knew about losetup, but didn't know it can do devices too! So thanks @Michael too!