Skip to content

Instantly share code, notes, and snippets.

@qevo

qevo/luks-quick-guide.md

Created January 24, 2017 16:32
Show Gist options
  • Save qevo/a4e56aac54bfa370d0ec11e19bb89d5f to your computer and use it in GitHub Desktop.
Save qevo/a4e56aac54bfa370d0ec11e19bb89d5f to your computer and use it in GitHub Desktop.
Download ZIP
LUKS encryption quick guide
Raw
luks-quick-guide.md

LUKS Encryption Quick Guide

Learn more about Linux Unified Key Setup.

Create Device

# create partition
fdisk /dev/sdX

# initiate partition encryption (optional, but suggested)
cryptsetup open --type plain /dev/sdXN container

# fill with encrypted data (optional, but suggested)
dd if=/dev/zero of=/dev/mapper/container

# establish LUKS encryption
cryptsetup -v --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 8000 --use-random luksFormat /dev/sdXN

Create File

# create file of N size
fallocate -l N /path/to/file

# establish LUKS encryption
cryptsetup -v --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 8000 --use-random luksFormat /path/to/file

# decrypt LUKS
cryptsetup luksOpen /path/to/file container

# fill with encrypted data (ensure real disk allocation. maybe optional, but suggested)
dd if=/dev/zero of=/dev/mapper/container

# close LUKS
cryptsetup luksClose container

Open LUKS file space

# decrypt LUKS
cryptsetup luksOpen /dev/sdXN container

Create file system

mkfs.ext4 /dev/mapper/container

Access LUKS file space

/dev/mapper/container points to the decrypted file space. container can be replaced with your string of choice.

Mount

mount /dev/mapper/container /mountpoint

Unmount

umount /mountpoint

Close LUKS file space

(be sure to unmount first)

cryptsetup luksClose container
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment