Linux - Encrypted Partition

Creating Encrypted Partition in Unix is not that hard. I will show the sequence of commands with dd, cryptsetup, losetup and mount to create a encrypted partition. Make sure you have the above commands installed. (ie, you can use apt-get install cryptsetup to install cryptsetup)

Creating an Encrypted Partition

1. Creating a file with 5MB. Note: The encrypted.img is self-defined

 dd if=/dev/urandom of=encrypted.img bs=1M count=5

2. Tell Linux to treat it as a disk device. Note: you can use loop0 to loop9.

 sudo losetup /dev/loop0 encrypted.img 

3. Create AES encrypted partition with 256 key length

 sudo cryptsetup luksFormat -c aes -s 256 /dev/loop0

4. Tell Linux to treat the encrypted partition as disk device. Note: encryptedVolume is self-defined

 sudo cryptsetup luksOpen /dev/loop0 encryptedVolume 

5. For the encrypted volume

 sudo mkfs -t vfat /dev/mapper/encryptedVolume 

6. Close encrypted volume

 sudo cryptosetup luksClose encryptedVolume 

7. Detach the device

 sudo losetup -d /dev/loop0 

Using the Encrypted File

1. Tell Linux to treat file as device

 sudo losetup /dev/loop0 encrypted.img 

2. Tell Linux to treat the ecnrypted partition as disk device

 sudo cryptsetup luksOpen /dev/loop0 encryptedVolume

3. Mount the disk to /mnt. You can access the files at /mnt after the command execution

 sudo mount /dev/mapper/myvolume /mnt

Cleanup After Usage

1. Unmount the volume

 sudo umount /dev/mapper/encryptedVolume

2. Close the encrypted volume

 sudo cryptsetup luksClose encryptedVolume

3. Detach the loop device

 sudo losetup -d /dev/loop0