StegFS - A Steganographic File System for Linux
===============================================
Copyright (C)1999 Andrew D. McDonald
This software is licensed under the terms of the GNU General Public License.
StegFS is an implementation of a steganographic file system for Linux, based
on the ideas in the paper "The Steganographic File System", by Anderson,
Needham and Shamir (presented at the 1998 Information Hiding Workshop).
The file system builds on top of a normal Ext2 file system. The resulting
file system can still be mounted with the ext2 driver. When mounted
with the stegfs driver and appropriate passphrases given, additional hidden
levels become available.
It is recommended that you read before using this file system to
get some understanding of how it works. This discusses the security vs.
performance issues. You should also note why and how files may get
overwritten.
The StegFS package consists of a kernel patch and a set of utilities.
Kernel Patch
============
Currently the StegFS kernel drivers cannot simply be compiled separately
and used with your current kernel. You instead need to patch the kernel
source tree and compile a new kernel. The StegFS driver can either be
compiled in to the kernel or as a separate module.
The kernel patch file is called:
patch-X.Y.Z-stegfs-a.b-c.gz or patch-X.Y.Z-stegfs-a.b-c.bz2
depending on the type of compression used.
The X.Y.Z is the version of the kernel which this patch should be used on.
The StegFS version number is a.b and the c is the build number of this patch.
To apply it, first untar a kernel source tree. Then change into the linux
directory and:
gunzip -c patch-X.Y.Z-stegfs-a.b-c.gz | patch -p1 or
bunzip2 -c patch-X.Y.Z-stegfs-a.b-c.bz2 | patch -p1
You should then build the kernel normally. You need to enable experimental
drivers and enable StegFS in the file systems section of the configuration.
Tools
=====
The StegFS tools are contained in a tarball called:
stegfs-tools-a.b-c.tar.gz or stegfs-tools-a.b-c.tar.bz2
where a.b is the version and c is the build number.
You should uncompress and untar these. Change to the directory containing
the files and do:
make
This should compile all the files.
The StegFS tools contain tools for manipulating the file system in normal
use (mkstegfs, stegfsopen, tunestegfs) and also some for manipulating or
analysing the file system for debugging or developmental purposes (readdata,
inolist, junkblocks).
Usage
=====
First create the Ext2fs file system:
mke2fs /dev/device
Then turn it into a stegfs partition:
mkstegfs /dev/device /path/to/btab
Mount it:
mount /dev/device /mnt/mntpoint -o btab=/path/to/btab
Then open security levels (specify the highest you want to use):
stegfsopen /mnt/mntpoint N
The tunestegfs tool will allow you to alter the number of copies of inodes
and blocks that are created.