I used to have an encrypted volume on my file server, for storing sensitive things, but after an upgrade to the newest version of Debian, that stopped working. So after some mucking around and getting the old module for cryptoloop put back into my current kernel, I figured i might as well migrate over to the newer version, which uses cryptsetup, losetup, and luks.

Ive shamelessly stolen these commands (although ive changed some of them)from elsewhere..

Create the file system and restricted access.

dd of=/path/to/secretfs bs=1G count=0 seek=8
chmod 600 /path/to/secretfs

Create a loopback device for the file
losetup /dev/loop0 /path/to/secretfs
Creates the volume, asks you for the key, and then creatss the DM mapping
cryptsetup -y luksFormat /dev/loop0
cryptsetup luksOpen /dev/loop0 secretfs

Pad the file so it generates its random data
dd if=/dev/zero of=/dev/mapper/secretfs

Create the filesystem
mkfs.ext3 dev/mapper/secretfs

# Mount the new filesystem in a convenient location
mkdir /mnt/cryptofs/secretfs
mount /dev/mapper/secretfs /mnt/cryptofs/secretfs

And an encrypted volume is setup.

Now how to unmount:

umount /mnt/cryptofs/secretfs
cryptsetup luksClose secretfs
losetup -d /dev/loop0

Remount:

losetup /dev/loop0 /path/to/secretfs
cryptsetup luksOpen /dev/loop0 secretfs
(enter password when prompted)
mount /dev/mapper/secretfs /mnt/cryptofs/secretfs

Now stuff that i can never remember how to do is grow the volume.

Make sure the volume is closed, unmounted etc.
umount /mnt/cryptofs/secretfs
cryptsetup luksClose secretfs
losetup -d /dev/loop0

Add 20gig to the file
dd if=/dev/zero bs=1G count=20 >> /dev/mapper/secretfs

Remount and reopen part of it

losetup /dev/loop0 /path/to/secretfs
cryptsetup lucksOpen /dev/loop5 EncryptedFS

check the FS first
e2fsck -f /dev/mapper/EncryptedFS

once thats done grow it
resize2fs /dev/mapper/EncryptedFS
and your done. You can now open the volume for use