public:managing_luks_on_debian
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| public:managing_luks_on_debian [2024/03/22 23:19] – [References] thomas | public:managing_luks_on_debian [2024/08/05 17:04] (current) – [Creating an encrypted volume] thomas | ||
|---|---|---|---|
| Line 4: | Line 4: | ||
| Since LUKS works directly on the block device, all commands listed below must be executed **as root**. | Since LUKS works directly on the block device, all commands listed below must be executed **as root**. | ||
| + | |||
| + | ===== Installing cryptsetup ===== | ||
| + | |||
| + | Cryptsetup is the command used to manage LUKS. You can install it like this: | ||
| + | |||
| + | < | ||
| + | apt-get install cryptsetup | ||
| + | </ | ||
| + | |||
| + | ===== Creating an encrypted volume ===== | ||
| + | |||
| + | < | ||
| + | cryptsetup -v --type luks2 luksFormat /dev/DEVICE | ||
| + | </ | ||
| + | |||
| + | You can also create an encrypted volume on a disk image instead. In that case, first create the disk image with a command like the following: | ||
| + | |||
| + | < | ||
| + | touch disk.img | ||
| + | fallocate -v -l 100MiB disk.img | ||
| + | </ | ||
| + | |||
| + | Don't use sparse images. LUKS will consider them too small. | ||
| + | ===== Opening an encrypted volume ===== | ||
| + | |||
| + | < | ||
| + | cryptsetup luksOpen /dev/DEVICE volumename | ||
| + | </ | ||
| + | |||
| + | The volume should then become available at / | ||
| + | |||
| + | ===== Closing an encrypted volume ===== | ||
| + | |||
| + | < | ||
| + | cryptsetup luksClose volumename | ||
| + | </ | ||
| + | |||
| ===== Listing slots ===== | ===== Listing slots ===== | ||
public/managing_luks_on_debian.1711149569.txt.gz · Last modified: by thomas