Loading...

Linux File System Encryption Tutorial

11,564 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Mar 5, 2012

This tutorial shows how to setup and use an encrypted file system on your GNU/Linux operating system.

The following commands can be used when setting up an encrypted file system:


Wipe the device with one pass of zero data followed by one pass of random data:
dd if=/dev/zero of=/dev/"device""partition" bs=1M
dd if=/dev/urandom of=/dev/"device""partition" bs=1M

#where "device""partition" is the device ( and partition ) to be used.


Setup an unformatted partition on the device using GNU Parted:
parted /dev/"device"
mklabel msdos
mkpart primary 0% 100%

#where "device" is the device to be used.


Encrypt the device using cryptsetup and make an ext4 file system on the device:
cryptsetup luksFormat --verbose --cipher=aes-xts-plain64 --key-size=512 --hash=sha512 --verify-passphrase /dev/"device""partition"
cryptsetup luksOpen /dev/"device""partition" "name"
mkfs -t ext4 -m 1 /dev/mapper/"name"
cryptsetup luksClose "name"

#where "device""partition" is the device and partition to be used;
#where "name" is an arbitrary name defined when mapping the device.


Decrypt and mount the encrypted file system for access and use:
cryptsetup luksOpen /dev/"device""partition" "name"
mount -t ext4 /dev/mapper/"name" /mnt/"mountpoint"

#where "device""partition" is the device and partition to be used;
#where "name" is an arbitrary name defined when mapping the device;
#where "mountpoint" is the name of a directory selected to mount the device to.


Unmount and unmap the encrypted file system for device removal:
umount /mnt/"mountpoint"
cryptsetup luksClose "name"

#where "mountpoint" is the name of the mount point selected previously;
#where "name" is the name defined when mapping the device.


Wipe a file from an unencrypted file system to remove any sensitive data:
shred --remove --zero --verbose "file"

#where "file" is the path of the file to be wiped.

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...