Linux - Encrypt Partition / File on Portable Hard Disk & Flash Drive
Environment
Introduction
Wanna encrypt the portable hard disk & flash drive. Let these are more secure
Procedures
Install the utilities
Write the data for encrypting the partition or file. This can be chosen to use
For Portable hard disk
Now go to encrypt it. For the flash drive, losetup it first
If wanna find what cipher is supported
After this, can check LUKS header information
Mount and format the encrypted partition
Umount the encrypted partition
Reference
- Ubuntu 9.04
Introduction
Wanna encrypt the portable hard disk & flash drive. Let these are more secure
Procedures
Install the utilities
#apt-get install ntfsprogs
#apt-get install cryptsetup cryptmount
Write the data for encrypting the partition or file. This can be chosen to use
- Faster, e.g. 19.4MB/s
#dd if=/dev/zero of=/dev/sdb2 bs=4k
- Check badblocks and write random data at the same time
#badblocks -c 10240 -s -w -t random -v /dev/sdb2
- More secure, also need more time, e.g. 5.3MB/s
#dd if=/dev/urandom of=/dev/sdb2 bs=4k
For Portable hard disk
#dd if=/dev/zero of=/dev/sdb2 bs=4kFor Flash drive
#dd if=/dev/zero of=/media/4GUF/SecVol01.vol bs=4k count=30000
Now go to encrypt it. For the flash drive, losetup it first
#losetup /dev/loop2 /media/4GUF/SecVol01.volRun cryptsetup to set to use which cipher and key size
#cryptsetup --verbose --cipher "aes-cbc-essiv:sha256" --key-size 256 --verify-passphrase luksFormat /dev/sdb2
If wanna find what cipher is supported
#modinfo /lib/modules/`uname -r`/kernel/crypto/* | grep alias
#modinfo /lib/modules/`uname -r`/kernel/crypto/* | grep description
#cat /proc/crypto
After this, can check LUKS header information
cryptsetup luksDump /dev/sdb2
Mount and format the encrypted partition
#cryptsetup luksOpen /dev/sdb2 SecVol01
#mkfs.ntfs -f /dev/mapper/SecVol01
#mount /dev/mapper/SecVol01 /mnt/tmp
Umount the encrypted partition
#umount /mnt/tmpIf the flash drive
#cryptsetup luksClose SecVol01
#losetup -d /dev/loop2
Reference