Posted By

Dorgendubal on 06/28/09


Tagged

linux security ubuntu encrypt disk partition cryptsetup


Versions (?)

Who likes this?

1 person have marked this snippet as a favorite

maxid


Encrypt your /home partition


 / Published in: Bash
 

Ideal if you have a laptop. If someone steals it, he will not be able to read all your mails and documents with precious information (about passwords, accounts, credit cards, private stuffs, etc...).

This snippet is considering that you are using Ubuntu as OS and you already have a dedicated partition for home (/dev/sda5 in my example).

  • Steps 1-3 are pre-requirements.
  • Steps 5-7 encrypts the partition and formats it as ext3 (make sure that you have a backup of your home somewhere!!!)
  • Steps 10 and 13 are not commands but lines to be added (or modified) in the editing files (Step 9 and 12). You have to be familiar with /etc/fstab to understand it.
  • Other steps are for configuring your system such your home partition gets automatically mounted on startup (you will be prompted for password during boot).

Enjoy security!

  1. apt-get install cryptsetup
  2. sudo modprobe dm-crypt
  3. umount /home
  4.  
  5. cryptsetup --size 256 --cipher 'aes-cbc-essiv:sha256' luksFormat /dev/sda5
  6. cryptsetup luksOpen /dev/sda5 luks-home
  7. mkfs.ext3 /dev/mapper/luks-home
  8.  
  9. vi /etc/crypttab
  10. luks-home /dev/sda5 none luks
  11.  
  12. vi /etc/fstab
  13. /dev/mapper/luks-home /home ext3 defaults,noatime 0 2
  14.  
  15. reboot

Report this snippet  

You need to login to post a comment.