Want to keep some files secure? Then read on… I’ll give a quick example to create a secure volume to stash stuff in.

In this example I will use blowfish for encryption, purely because the Ubuntu kernel team decided to build AES as part of the kernel instead of making it a module, but loop-aes wont work without being a module. You could always recompile your kernel, but if you are like me who uses the online update stuff, then you wont like recompiling your kernel every time Ubuntu updates it.

On to the example:
Lets create a 1gb file

sudo dd if=/dev/zero of=whateverfilename bs=1M count=1024

Load the modules for blowfish and cryptoloop

sudo modprobe blowfish
sudo modprobe cryptoloop

The next step, encrypt that file. It will also ask you for a password of 20 characters or more (Yup, 20 characters. We’re trying to be secure here, aren’t we?)

sudo losetup -e blowfish /dev/loop0 whateverfilename

I use XFS out of personal preference, but you can use EXT3 or Reiser if you want.
(if you want to use xfs, you will need to install xfsprogs)

sudo mkfs.xfs /dev/loop0
sudo losetup -d /dev/loop0

Choose a directory where you want to mount it, in my example I will mount it to /mnt

sudo mount whateverfilename -t xfs -o loop=/dev/loop0,encryption=blowfish /mnt

There you go, now you have 1gb of secure storage.

The guys at the s3fs project don’t make it that easy to get things installed and going in a flash. So here’s some steps to take if you have a CentOS 5 box at Amazon Ec2 and want to mount a S3 bucket.

First, install rpmforge, since CentOS’s repo wont have the necessary packages.

http://www.ultranetsolutions.com/CentOS-5-install-rpmforge-yum-repo.html

After you followed all those steps, install the following packages:

yum install fuse fuse-devel curl-devel libxml2-devel

Then lets grab the latest copy of s3fs at

http://code.google.com/p/s3fs/downloads/list

Unpack it and run “make”

Now you can continue to follow the steps at:

http://code.google.com/p/s3fs/wiki/FuseOverAmazon

One of my colleagues pointed out that there was no swap on one of our EC2 servers. I missed it because we make use of predefined images from Rightscale and usually they define all that jazz for you.
After a quick look I noticed that none of the m1.large instances had swap space. Lucky for us we never really needed swap space until now.
I also noticed there was a /dev/sdc drive attached to those instances. This gave me the opportunity to create a swap partition from that drive.

Here’s how I went about it:

In fdisk, “p” will print your existing partition layout. I just did it to make sure there was no partitions.

fdisk /dev/sdc
 
Command (m for help): p
 
Disk /dev/sdc: 450.9 GB, 450934865920 bytes
255 heads, 63 sectors/track, 54823 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
 
   Device Boot      Start         End      Blocks   Id  System

Press “n” to make a new partition, choose a partition number (eg. 1) and at first cylinder I just pressed enter.
At last cylinder or +size I wanted 1GB of swap, so I went “+1024M”

Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-54823, default 1):
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-54823, default 54823): +1024M

Press “p” again to see your new partition table and then press “w” to write the changes.

Command (m for help): p
 
Disk /dev/sdc: 450.9 GB, 450934865920 bytes
255 heads, 63 sectors/track, 54823 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
 
   Device Boot      Start         End      Blocks   Id  System
/dev/sdc1               1         125     1004031   83  Linux
 
Command (m for help): w
The partition table has been altered!
 
Calling ioctl() to re-read partition table.
Syncing disks.

Now to create the swap, we go “mkswap /dev/sdc1″
and activate it with “swapon /dev/sdc1″

[root@ip-xx-xx-xx-xx ~]# mkswap /dev/sdc1
Setting up swapspace version 1, size = 1028120 kB
[root@ip-xx-xx-xx-xx ~]# swapon /dev/sdc1
[root@ip-xx-xx-xx-xx ~]# free -m
             total       used       free     shared    buffers     cached
Mem:          7680       6690        989          0        265       3936
-/+ buffers/cache:       2488       5191
Swap:          980          0        980

Thats it, you can view your newly created swap space by doing “free -m” or by using “top”

Don’t forget to add it to /etc/fstab:

/dev/sdc1 swap 	swap 	defaults 0 0