On this page
Encrypt Drive Using Luks
Dec 12, 2022First identify the drive by
$ lsblk
sda 8:0 0 223.6G 0 disk
├─sda1 8:1 0 512M 0 part /boot
├─sda2 8:2 0 6G 0 part [SWAP]
└─sda3 8:7 0 32G 0 part /
sdb 8:16 1 14.3G 0 disk
Encrypt and format
cryptsetup -y -v luksFormat --sector-size 4096 /dev/sdb
cryptsetup luksOpen /dev/sdb cryptdrive
# status of the drive
cryptsetup -v status cryptdrive
# to get the header informations
cryptsetup luksDump /dev/sdb
# replace with zero, `pv` shows the progress
# you can skip this part
pv -tpreb /dev/zero | dd of=/dev/mapper/cryptdrive bs=128M
# for standard linux ext4 file format
mkfs.ext4 /dev/mapper/cryptdrive
# or, make btrf file format
mkfs.btrfs -s 4096 /dev/mapper/cryptdrive
Mount
mkdir $HOME/tmp/mount
mount /dev/mapper/cryptdrive $HOME/tmp/mount
User permission
chown <user_name>:<user_name> -R $HOME/cryptdrive
cryptsetup close /dev/mapper/cryptdrive
For automatically mount the drive
FILE /etc/fstab
UUID= <mount_location> ext4 defaults 0 3