Monday, May 5, 2014

Encrypting Filesystems in Linux

If you do not have the cryptsetup command, you can install the package with:

# yum install cryptsetup-luks

In my case I did not have to install it; I already had it.

Warning: All data on the partition will be lost. Please back up your files, if you have any.

1) Format the partition with encryption (instead of /dev/sdb1 you can use any logical volume, e.g. /dev/mapper/vg1-lv1)
# cryptsetup -y -v luksFormat /dev/sdb1

It will ask you to confirm by typing YES, then you will have to enter a passphrase.

2) Now map your encrypted device
# cryptsetup luksOpen /dev/sdb1 safefs
It will ask you for the passphrase.

Once that is done, you can check the mapped device with:
# ls -l /dev/mapper/safefs
# cryptsetup -v status safefs

3) You will need to format the mapped device with:
# mkfs.ext4 /dev/mapper/safefs

4) Create a directory to mount the mapped filesystem 
# mkdir /safefsmount 

5) Mount the filesystem to the folder you have just created
# mount -t ext4 /dev/mapper/safefs /safefsmount

6) Please check your SELinux configurations too

7) Open the crypttab configuration file and add the following line
# vim /etc/crypttab
safefs                  /dev/sdb1               none

The three fields are the mapping name, the encrypted device (the same one formatted in step 1), and the key file. "none" means no key file is used, so the system prompts for the passphrase.

8) To make the mount point persistent across reboots, add the following entry to the /etc/fstab file
# vim /etc/fstab
/dev/mapper/safefs   /safefsmount   ext4    defaults   0 0

9) Finally, reboot your system (init 6 does the same)
# reboot

When the system is booted it will ask you to enter the passphrase.
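
A check worth running before the reboot in step 9, as an added example that is not part of the original post: it verifies that each crypttab entry points at a device with a LUKS header and that fstab mounts the mapped device rather than the raw partition. The function names, the LUKS_PROBE hook and the demo data are assumptions made for this example.

```shell
# Added example, not from the original post: pre-reboot check of the
# crypttab/fstab pair from steps 7 and 8. LUKS_PROBE is a hypothetical hook
# (default: the real "cryptsetup isLuks DEVICE") so it can be tested without root.
: "${LUKS_PROBE:=cryptsetup isLuks}"

# usage: check_crypt_boot CRYPTTAB FSTAB   (returns 0 when nothing is wrong)
check_crypt_boot() {
    crypttab=$1 fstab=$2 problems=0
    # crypttab fields: mapping name, encrypted device, key file (none = prompt)
    while read -r name dev key rest || [ -n "$name" ]; do
        case $name in ''|'#'*) continue ;; esac
        # The source device must carry a LUKS header; a wrong /dev/sdXN fails here.
        if ! $LUKS_PROBE "$dev" </dev/null >/dev/null 2>&1; then
            echo "crypttab: $name -> $dev is not a LUKS device"
            problems=$((problems + 1))
        fi
        # fstab must mount the mapped device ...
        if ! awk -v m="/dev/mapper/$name" '$1 == m { ok = 1 } END { exit !ok }' "$fstab"; then
            echo "fstab: no entry for /dev/mapper/$name"
            problems=$((problems + 1))
        fi
        # ... and never the raw encrypted partition itself.
        if awk -v d="$dev" '$1 == d { bad = 1 } END { exit !bad }' "$fstab"; then
            echo "fstab: mounts raw encrypted device $dev"
            problems=$((problems + 1))
        fi
    done < "$crypttab"
    [ "$problems" -eq 0 ]
}

# Constructed sample: a crypttab naming /dev/sda1 although the LUKS volume is
# /dev/sdb1. The stub probe stands in for cryptsetup so the demo runs offline.
demo() (
    d=$(mktemp -d)
    printf 'safefs /dev/sda1 none\n' > "$d/crypttab"
    printf '/dev/mapper/safefs /safefsmount ext4 defaults 0 0\n' > "$d/fstab"
    stub_probe() { [ "$1" = /dev/sdb1 ]; }
    LUKS_PROBE=stub_probe status=0
    check_crypt_boot "$d/crypttab" "$d/fstab" || status=1
    rm -rf "$d"
    exit "$status"
)
```

On the real system, run `check_crypt_boot /etc/crypttab /etc/fstab` as root; `demo` exercises the constructed mismatch without touching any device.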

To unmount and secure your data, run:
# umount /safefsmount
# cryptsetup luksClose safefs

You can always access your secure information again with the same cryptsetup open command.
