To start out we need free space on a drive that isnâ€™t partitioned, or enough patience to resize an existing one. Just about everything here needs root privileges, since weâ€™re working with filesystems. It would be easiest to start a root terminal with su -, then enter your password.First, we install the tools to get the encrypted partition going: [apt-get/yum] install cryptsetup hashalot gparted
Next, we use gparted to create a 20GB partition at the end of my disk. Itâ€™s a dead simple drag nâ€™ drop application similar in function to Partition Magic or other GUI partition editorsâ€¦ hopefully you donâ€™t need instructions. Make sure to record the name of the new partition! Everything here that says /dev/sda2 is going to change based on your hardware and partitioning scheme.
After that completes (which can take some time if any resizing or moving of an existing partition happens), we need to set a password.
cryptsetup --verbose --verify-passphrase luksFormat /dev/sda2
This command will create a device called /dev/mapper/sda2 and give us access to the encrypted volume after verifying the password:
cryptsetup luksOpen /dev/sda2 sda2
By now weâ€™re knee deep in waist-high water. Iâ€™m not quite sure what that meansâ€¦ I just made it up. Say it out loudâ€¦ rolls off the tongue. Sorryâ€¦ where was I? Ah right. Iâ€™ll try to explain where weâ€™re at right now, for my benefit as well as yours.
At this moment, we have a partition called /dev/sda2. That raw partition now has an encrypted container inside, located at /dev/mapper/sda2. The last step is to actually format the encrypted volume so we can actually put some files on there. This can also be done in gparted if you want to split things up into multiple partitions, use the drive dropdown box to find the mapper.
/sbin/mkfs.ext3 -j -m 1 -O dir_index,filetype,sparse_super /dev/mapper/sda2
Next, weâ€™ll make a directory to mount the encrypted volume and then actually mount it:
mount /dev/mapper/sda2 /mnt/test
Now we can copy files into /mnt/test and every file located there will be encrypted. Sweet!
To unmount the volume, use the following commands:
cryptsetup luksClose sda2
I bet youâ€™re asking the question we all areâ€¦ How fast is it? Good question. The answer is a pain in the ass to be honest. Follow the link below for the speed tests.
Related Posts: On this day...
- David Choe Just Made 200 Million USD for Painting the Facebook Office - 2012
- Free excerpt from Jo Walton's brilliant Among Others - 2011
- Federal Court Dismisses Pittsburgh Couple, the Borings (no joke), Privacy Suit Against Google Street View - 2010
- America's Biggest Rip-offs - 2010
- ATM Skimmers Part II - 2010
- Your Facebook is their fortune - 2009
- All your passports are belong to us - 2009
- Encryption Security - 2009
- Pittsburgh Steelers: Super Bowl 43 Champions! - 2009