Tuesday, 23 December 2014

I am moving to Wordpress.com (http://jotdownux.wordpress.com)

NOTICE


Dear Reader,

I have moved to my new updated wordpress.com blog
Please visit the new page, that also contains the old posts you may be looking for.
I am not continuing with this blog anymore.
https://jotdownux.wordpress.com/

Sunday, 19 February 2012

Linux: RHEL: How to create LUKS encrypted file-system


LUKS encrypted filesystem can be created over any of the block devices like a bare hard disk, logical volume, or a raid array.
To create a LUKS encrypted file-system, we first need to write the block device with random data.

dd if=/dev/urandom of=/dev/sdb bs=1K

This may take a little while depending on the size of the disk.
After that, disk has to be formatted as LUKS:

cryptsetup –verbose luksFormat --verify-passphrase /dev/sdb

Now, open the encrypted disk:

cryptsetup –verbose luksOpen /dev/sdb enc_data

Enc_data will be created under /dev/mapper.
Now, proceed with formatting the encrypted disk with ext4:

mkfs –t ext4 /dev/mapper/enc_data

And, lastly mount the file-system to a mount point.

To close the encrypted disk, unmount the disk first. Then issue the following command:

cryptsetup –verbose luksClose enc_data

To check the status of the encrypted disk:

cryptsetup status enc_data

To open the encrypted disk while booting, put a line with the encrypted disk name and the underlying block device in the 
/etc/crypttab file:

Enc_data       /dev/sdb