There are many steps involved in the process. I will provide Details for these steps in the next section. I thought it would be nice to provide a summary first to provide reference (if you are experienced with unix/linux you probably don't need the details anyway). Here they are summarized as follows:
Download the newest international crypto patch (I used 'patch-int-22.214.171.124' at the time this document was written) from:
Run 'config' (or 'menuconfig' or 'xconfig') to configure your 'MakeFile' for the new kernel. The options to enable encryption are scattered. First of all, before you will see any other options you must enable 'Prompt for development and/or incomplete code/drivers' under 'Code Maturity level options'. Under 'Crypto options' enable 'crypto ciphers' and 'serpent'. Once again, this document assumes you are using serpent, but try whatever you want. Remember that DES is known to be incompatible as of 126.96.36.199 - it may never be supported at all. There are several important options to select under 'Block Devices'. These include 'Loopback device support', 'Use relative block numbers as basis for transfer functions (RECOMMENDED)', and 'General encryption support'. DO NOT select 'cast 128' or 'twofish' encryption here. Also note that you don't need any of the crypto options under the various network categories. I will not go any further into configuration of the kernel, it is out of the scope of this document and can be found at the LDP site.
Compile the new kernel.
Edit '/etc/lilo.conf' to add the new kernel image. Run 'lilo -v' to add the kernel to the boot loader.
Download the source for the newest 'util-linux' (I used 'util-linux-2.9v') package from:
Apply the corresponding patch found in your '/usr/src/linux/Documentation/crypto/' directory.
CAREFULLY read the 'INSTALL' file! This package contains the sources for many system dependent files (important tools such as 'login', 'passwd', and 'init'). If you don't carefully edit the MCONFIG file before compiling these sources have a boot disk and/or shotgun ready because your system will be quite confused. Basically you want to set almost all of the 'HAVE_*' fields equal to yes so that the important authentication tools are not compiled and written over. The tools you do want rebuilt are 'mount' and 'losetup' to accommodate the new encryption schemes. I suggest that you refer to the Details section below for this step.
Compile and install the 'util-linux' source
Reboot the machine with the new kernel.
Edit '/etc/fstab', adding an entry for your mount point as follows: