Differences

This shows you the differences between two versions of the page.

--- encryption:luks-partition [2021/11/10 00:11] – ↷ Page name changed from encryption:luks to encryption:luks-partition chuck
+++ encryption:luks-partition [2021/11/10 00:17] (current) – chuck
@@ Line 1: / Line 1: @@
-======LUKS======
+======LUKS Encrypted Partition======
 ----
-=====LUKS Encrypted Partition/Drive=====
+=====Change LUKS Partition Password=====
-====Change LUKS Partition Password====
   * Find the drive with the luks headers:<code bash>
 cat /etc/crypttab
@@ Line 30: / Line 29: @@
 ----
-====Unlock LUKS Partition from GRUB====
+=====Unlock LUKS Partition from GRUB=====
   * Insert luks module:<code bash>
 grub rescue> insmod luks
@@ Line 40: / Line 39: @@
 grub rescue> cryptomount (hd0,gpt2)
 </code>
-    * To use uuid instead, use the ''%%-u%%'' option
+    * To use uuid instead, use the ''%%-u%%'' option:<code bash>
+grub rescue> cryptomount -u 8f5fc81c-41bb-11ec-81d3-0242ac130003
+</code>
   * Enter passphrase:<code bash>
 Attempting to decrypt master key...
@@ Line 57: / Line 58: @@
 grub rescue> normal
 </code>
-  * https://www.gnu.org/software/grub/manual/grub/html_node/Commands.html#Commands
-  * https://www.gnu.org/software/grub/manual/grub/html_node/GRUB-only-offers-a-rescue-shell.html#GRUB-only-offers-a-rescue-shell
 ----
-=====LUKS Encrypted Storage=====
+=====Links=====
+  * https://www.gnu.org/software/grub/manual/grub/html_node/Commands.html#Commands
-<WRAP tip>
+  * https://www.gnu.org/software/grub/manual/grub/html_node/GRUB-only-offers-a-rescue-shell.html#GRUB-only-offers-a-rescue-shell
-With cryptsetup 2.1.0, the LUKS header takes up just under 16MiB, so the partition size must be 16MiB + the size of the data you want to store in it.
-</WRAP>
-====Create a LUKS Storage Container====
-  * Create a 20Mb file filled with random data: ((https://pthree.org/2012/02/20/randomize-first-the-encrypt-your-block-device/))<code>
-sudo dd if=/dev/urandom of=encrypted.luks.img iflag=fullblock bs=1M count=20
-</code>
-  * Switch to root:<code>
-sudo -s
-</code>
-  * Set permissions:<code>
-chmod go= encrypted.luks.img
-</code>
-  * Configure encryption:<code>
-cryptsetup --verbose luksFormat encrypted.luks.img
-cryptsetup --verbose --use-random luksFormat encrypted.luks.img
-</code>
-  * Open the encrypted container:<code>
-cryptsetup --verbose luksOpen encrypted.luks.img encrypted
-</code>
-  * Create filesystem:<code>
-mkfs.ext4 /dev/mapper/encrypted
-</code>
-  * Create directory to mount the container:<code>
-mkdir /mnt/encrypted
-</code>
-  * Mount the container:<code>
-mount -t ext4 -o journal_checksum /dev/mapper/encrypted /mnt/encrypted
-</code>
-  * Chown it:<code>
-chown chuck: /mnt/encrypted
-</code>
-  * Set permissions:<code>
-chmod go= /mnt/encrypted
-</code>
-  * Switch back to $USER:<code>
-exit
-</code>
-----
-====Copy Files to the LUKS Storage Container====
-  * Copy or create your files:<code>
-cp /files/to/copy /mnt/encrypted
-</code>
-----
-====Close the LUKS Storage Container and Lock it====
-  * Switch to root:<code>
-sudo -s
-</code>
-  * Unmount the container:<code>
-umount /mnt/encrypted
-</code>
-  * Close the encrypted container:<code>
-cryptsetup luksClose encrypted
-</code>
-  * Switch back to $USER:<code>
-exit
-</code>
-----
-====Change Password on a LUKS Encrypted Storage Container====
-  * If you want/need to change the password:<code bash>
-sudo cryptsetup luksChangeKey encrypted.luks.img
-</code>
-----