Encrypt the partition with cryptsetup

Warning: this is a private study note only. There is no guarantee of the correctness of the contents. 

1. prepare a USB pen drive
2. check its label with lsblk

[jerry@jerrycc_laptop ~]$ lsblk
NAME            MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda               8:0    0 465.8G  0 disk
├─sda1            8:1    0   200M  0 part
...
sdb               8:16   1   1.9G  0 disk 

3.  Create new partition with fdisk:
For example, you'll get a partition called /dev/sdb1

4. Format the partition with LUKS format:
> sudo cryptsetup -y luksFormat /dev/sdb1 

5. Open the partition and create the name for the mapper:
> sudo cryptsetup luksOpen /dev/sdb1 myEncryptDisk

6. Format the partition with regular file system formats:
Note that you have to find the partition in the device mapper directory

> ls -al /dev/mapper/
lrwxrwxrwx.  1 root root       7  1月 16 23:16 myEncryptDisk -> ../dm-3

Then you format the partition with specific file system chosen (ext4 for example)
> sudo mkfs.ext4 /dev/mapper/myEncryptDisk

7. Mount the mapper to the system with mount. and use it.
8. After you're done, umount it.

9.  Lock the partition:
> sudo cryptsetup luksClose myEncryptDisk

10. Unlock existing partition
go to step 5., create a new mapper name, and so on.

留言

張貼留言

這個網誌中的熱門文章

在 vimtutor 的 help 遇到 E434: Can't find tag pattern 問題ㄒ

在使用 vimtutor 學習 VIM 操作時,遇到進入 help,卻無法使用 Ctrl+] 跳轉到特定 tag 的問題。 錯誤碼:E434: Can't find tag pattern 查詢當前 VIM版本 > vim --version VIM - Vi IMproved 7.4 (2013 Aug 10, compiled Aug  2 2017 00:45:39) Included patches: 1-160 應該是最新的。 後來發現,若不使用 vimtutor,直接從 bash 啟動 VIM,就沒有這個問題。 所以問題可能出在 vimtutor 的啟動方式。 暫時沒時間去研究啟動 vimtutor 的 bash 檔,先把路徑貼在這裡,供大家參考: > vim /usr/bin/vimtutor
閱讀完整內容

Logical volume management LVM

1. Prepare a USB disk consisting of 3 empty partitions: > lsblk ... sdb               8:16   1  28.9G  0 disk  ├─sdb1            8:17   1   500M  0 part  ├─sdb2            8:18   1   600M  0 part  └─sdb3            8:19   1   700M  0 part  2. Create physical volumes (pv) for each one of the partitions: > sudo pvcreate /dev/sdb{1,2,3}   Physical volume "/dev/sdb1" successfully created.   Physical volume "/dev/sdb2" successfully created.   Physical volume "/dev/sdb3" successfully created. 3. Verify the creation with pvscan: >sudo pvscan  PV /dev/sda7   VG centos          lvm2 [96.65 GiB / 4.00 MiB free]   PV /dev/sdb1                      lvm2 [500.00 MiB]   PV /dev/sdb3                      lvm2 [700.00 MiB]   PV /dev/sdb2                      lvm2 [600.00 MiB]   Total: 4 [98.41 GiB] / in use: 1 [96.65 GiB] / in no VG: 3 [<1.76 GiB] 3. Create a volume group (vg) consisting 2 physical volumes: > sudo
閱讀完整內容

Create a CentOS installation USB key with dd command

1. Prepare an USB key. 2. Copy the iso to the USB with dd command: [Warning!!] This will overwrite all the existing data on the disk. > sudo dd if=CentOS-7-x86_64-DVD-1708.iso of= /dev/sdb bs=1M status=progress 4519362560 bytes (4.5 GB) copied, 906.896074 s, 5.0 MB/s     ... (wait) 4312+0 records in 4312+0 records out 4521459712 bytes (4.5 GB) copied, 1240.27 s, 3.6 MB/s Note: Set the output stream to /dev/sd x  instead of /dev/sdb x . 3. Verfiy with fdisk > sudo fdisk -l ... Disk /dev/sdb : 31.0 GB, 30998003712 bytes, 60542976 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x1302a8b3    Device Boot      Start         End      Blocks   Id  System /dev/sdb1   *           0     8830975     4415488    0  Empty /dev/sdb2            2320       20295        8988   ef  EFI (FAT-12/16/32) ... 4. Reboot the compute
閱讀完整內容