Did my blog help you? Please link to me!
05 Feb 10 Linux LUKS Crypt HOWTO
Linux kernels now support encrypted filesystems. Setting one up should take 5 minutes, or 3 hours if you’re like me and can’t read.
Firstly, install the right tools: apt-get install cryptsetup
Make a new partition, and initialize it with: cryptsetup luksFormat /dev/sda3 mycrypto
Where /dev/sda3 is your newly created partition and ‘mycrypto’ is your name for the container.
You will be prompted to type YES in uppercase to confirm your understanding that your partition is about to be wiped. If, like me, you type ‘yes’ in lowercase, it will fail with “Command Failed.”. You’ll then spend hours checking for loaded kernel modules, log files, and trawling google for more information. The answer is to type ‘YES’ in uppercase as you’re told 
Enter a passphrase, and you’re ready to go.
Next, ‘open’ the container. cryptsetup luksOpen /dev/sdb3 enter the passphrase, and you should at this point end up with a /dev/mapper/mycrypto
Format with your desired partition mkfs.ext3 /dev/mapper/mycrypto
Then, you can mount /dev/mapper/mycrypto as you would any other block device: mount /dev/mapper/mycrypto /mnt/my_mount_point
To close the container:
umount /dev/mapper/mycrypto
cryptsetup luksClose mycrypto
Easy
|
I'm Adam Palmer, and I'm a Freelance Embedded Linux/Embedded Hardware enthusiast and Security Consultant. I run 'APNIC Solutions Ltd' and spend most of my time managing server clusters, and doing some PHP/MySQL development, whilst what little spare time I have is dedicated to playing with gadgets. I'm always happy to consult on or manage any Linux related, Web Application or Hosting project. Please get in touch with me! |
