How To Encrypt a Linux File System Partition for Backup Drives
Вставка
- Опубліковано 23 лис 2024
- I encrypt my Linux offsite backup file systems disks for my home Linux Server. Once I have secured the hard drive, I can then Rsync all of my files from my RAID 5 storage SAMBA storage share to the external HDD. This process can work for thumb drives, SD cards, IDE, SATA drive or any storage device that you use on Linux.
Command References:
Make sure drive is plugged in and seen:
ls /dev/sd*
Create a partition on the drive with parted:
parted /dev/sd[letter]
mklabel msdos
mkpart
Now setup the encryption on the partition:
cryptsetup --verbose --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat /dev/sd[letter]1
Mount the encrypted partition into the system:
cryptsetup open --type luks /dev/sd[letter]1 backup
Note: You must make the folder where you wan tot mount the volume
mkdir /backup
Format the encrypted partiton with a file system
mkfs.ext4 /dev/mapper/backup
Mount the file system:
NOTE: You must make the folder where you wan to mount the volume first:
mkdir /backup
mount /dev/mapper/backup /backup
Verify the partition is mounted as /backup
df -h
When done with copying you can unmount with
umount /backup
Verify the cache is writen
sysctl --write vm.drop_caches=3
Close the Crypto volume:
cryptsetup close backup
In the future you can plug in drive and do "ls /dev/sd*" to verify it is seen then open it:
cryptsetup open --type luks /dev/sd[letter]1 backup
And mount it
mount /dev/mapper/backup /backup
