Friday, March 04, 2011

Encrypted partition in Linux

To create encrypted disks we are using cryptsetup

#apt-get install cryptsetup

Backup your data and optionally clean it:
#shred -n1 -v /dev/sdaX

Initializes a LUKS partition (warning!):
#cryptsetup luksFormat /dev/sdaX

 Type "YES". It will ask for a password for filesystem. Use a secure password, otherwise encryption wont help you.
There is other options for securing. Check the cryptsetup manual for details.


Open and sets up a mapping for LUKS partition:
#cryptsetup luksOpen /dev/sdaX your_map_name

Format the LUKS partition using the mapping:
#mkfs.ext3 /dev/mapper/your_map_name

Now you can mount it:
#mount /dev/mapper/your_map_name /mnt/your_mount_name


Optionally you can umount and (removes mapping) lock the LUKS again:
#umount  /mnt/your_mount_name
#cryptsetup luksClose your_map_name

I have tested this in Debian 6.0.0.
You may need to load module (optionally you may add in /etc/modules):
modprobe dm_mod


Edit /etc/crypttab
# <target name="">  <source device="">         <key file="">      <options>
your_map_name            /dev/sdaX               none            luks


Edit /etc/fstab
# <file system=""> <mount point="">nbsp;  <type>   <options>       <dump>   <pass>
/dev/mapper/your_map_name      /mnt/your_mount_name  ext3    user,auto       0       0


You can reboot. It will ask for the password while booting.


source:
http://www.debian-administration.org/article/Encrypting_an_existing_Debian_lenny_installation
http://www.enterprisenetworkingplanet.com/netsecur/article.php/3683011/Protect-Your-Stuff-With-Encrypted-Linux-Partitions.htm
http://www.linuxconfig.org/Partition_Encryption

Posted by salahuddin66 at 1:38 AM

Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)