notes from: http://www.xs4all.nl/~hanb/documents/OpenBSDEncryptedFilesystemHOWTO.html
2009/07/30: Above URL dead: updated: http://www.han.dds.nl/documents/OpenBSDEncryptedFilesystemHOWTO.html

Create an empty file to house your partition/filesystem:
	# dd if=/dev/zero of=/path/targetfile bs=1024 count=51200 #(50MB targetfile in /path/)
	51200+0 records in
	51200+0 records out
	52428800 bytes transferred in 0.427 secs (122584552 bytes/sec)

Create a mountpoint:
	# mkdir /path/cryptmount

Use vnconfig to encrypt the file:
	# /sbin/vnconfig -ckv /dev/svnd0c /path/targetfile
	Encryption key:
	/dev/svnd0c: 52428800 bytes on /crypt/cryptfile

Create a filesystem on the file:
	# newfs /dev/rsvnd0c
	/dev/rsvnd0c: 50.0MB in 102400 sectors of 512 bytes
	4 cylinder groups of 12.50MB, 800 blocks, 1664 inodes each
	super-block backups (for fsck -b #) at:
 	32, 25632, 51232, 76832,

Mount the device on your mountpoint:
	# mount /dev/svnd0c cryptmount/

See that it's enabled: 
	# vnconfig -l svnd0c
	vnd0: covering cryptfile on wd0a, inode 6547970

Disable/detach it:
	# vnconfig -uv svnd0c
	rsvnd0c: cleared
	# vnconfig -l svnd0c
	vnd0: not in use

Mounting: 
	# mount_vnd -k cryptfile /dev/svnd0c
	Encryption key:

See that its mounted:
	# mount
	/dev/wd1a on / type ffs (local, softdep)
	/dev/wd1d on /usr type ffs (local, nodev, softdep)
	/dev/wd0a on /var/www/htdocs/web type ffs (local, nodev, softdep)
	/dev/wd2a on /usr/backup type ffs (local, nodev, softdep)
-->	/dev/svnd0c on /crypt/cryptmount type ffs (local)

To mount/access your filesystem:
 Configure the file to the device, then mount the device to your mountpoint:
	mount_vnd -k cryptfile /dev/svnd0c
	mount /dev/svnd0c cryptmount/

To umount/disable this filesystem:
 Unmount the device from the mountpoint, then unconfigure the device.
	umount cryptmount
	vnconfig -u /dev/svnd0c

	vnconfig -l