libguestfs support for encrypted Linux VMs

Two people asked me in about as many days if libguestfs supports encrypted VMs, so with the help of LUKS I added this feature.

A typical session in guestfish looks like this:

$ guestfish --ro -a encrypted.img
><fs> run
><fs> list-devices
><fs> list-partitions
><fs> vfs-type /dev/vda2
><fs> luks-open /dev/vda2 luksdev
Enter key or passphrase ("key"):
><fs> vgscan
><fs> vg-activate-all true
><fs> vgs
><fs> lvs
><fs> mount /dev/vg_f13x64encrypted/lv_root /
><fs> ll /
total 132
dr-xr-xr-x.  24 root root  4096 Jul 21 12:01 .
dr-xr-xr-x   20 root root     0 Jul 21 20:06 ..
drwx------.   3 root root  4096 Jul 21 11:59 .dbus
drwx------.   2 root root  4096 Jul 21 12:00 .pulse
-rw-------.   1 root root   256 Jul 21 12:00 .pulse-cookie
dr-xr-xr-x.   2 root root  4096 May 13 03:03 bin

Since it’s a little clumsy to use in guestfish at the moment, I hope we can add some convenience commands in a future release.

PS. WTF are dbus and pulseaudio doing creating those files and directories under /?


Leave a comment

Filed under Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.