make an external luks encrypted disk

fdisk /dev/sdb
cryptsetup –verbose –verify-passphrase –cipher aes-cbc-essiv:sha256 luksformat /dev/sdb1
cryptsetup luksOpen /dev/sdb1 name
mke2fs -j -L “Label” -m 1 /dev/mapper/name
mkdir /mnt/name
mount /dev/mapper/name /mnt/name

Unmount
umount /mnt/name
cryptsetup luksClose /dev/sdb1

Now add a keyfile
dd if=/dev/urandom of=/etc/keyfile bs=512 count=4
chmod 400 /etc/keyfile
cryptsetup luksAddKey /dev/sdb1 /etc/key
cryptsetup –key-file /etc/keyfile luksOpen /dev/sdb1 name

Ref:
http://www.hermann-uwe.de/blog/howto-disk-encryption-with-dm-crypt-luks-and-debian
http://wiki.archlinux.org/index.php/System_Encryption_with_LUKS_for_dm-crypt

Leave a Reply