Cryptsetup Operations: Difference between revisions
Jump to navigation
Jump to search
Line 33: | Line 33: | ||
cryptsetup open /dev/sdb rackstationb | cryptsetup open /dev/sdb rackstationb | ||
Upon providing the correct passphrase, the encrypted device will be mounted as /dev/mapper/rackstationb: | Upon providing the correct passphrase, the encrypted device will be mounted as <tt>[[Dm-crypt#.2Fdev.2Fmapper|/dev/mapper]]/rackstationb</tt>: | ||
cd /dev/mapper/ | cd /dev/mapper/ | ||
ls -al rackstationb | ls -al rackstationb | ||
lrwxrwxrwx. 1 root root 7 Dec 24 00:36 rackstationb -> ../dm-2 | lrwxrwxrwx. 1 root root 7 Dec 24 00:36 rackstationb -> ../dm-2 |
Revision as of 08:57, 24 December 2018
Internal
Overview
cryptsetup is the userspace utility used to manage the dm-crypt encryption functionality.
Installation
yum install cryptsetup
Encrypting a Block Device with cryptsetup/LUKS
Format the block device with LUKS and assign it a passphrase (it is also possible to use a key file). The command will ask for a passphrase at the console:
cryptsetup luksFormat -y -v /dev/sdb
Test password: b4H4x9_3hdHEd
After 'luksFormat' operation, the block device is now type "", as blkid shows:
# blkid ... /dev/sdb: UUID="8a5fa3ae-d997-4c3a-a6f6-ab7ac9007ef8" TYPE="crypto_LUKS"
Open the crypto_LUKS device with:
cryptsetup open <luks-device> <mapping-name>
where <mapping-name> is the name of the device that will be created under /dev/mapper:
cryptsetup open /dev/sdb rackstationb
Upon providing the correct passphrase, the encrypted device will be mounted as /dev/mapper/rackstationb:
cd /dev/mapper/ ls -al rackstationb lrwxrwxrwx. 1 root root 7 Dec 24 00:36 rackstationb -> ../dm-2