encrypted data partition

Note: This procedure has not yet been verified. Its just theory!!!

setup the partition

For this procedure I assume that the data partition is on /dev/hda2.

Moreover, its much more secure to use a secure key here once again.

Required steps are:

$ shred --verbose /dev/hda2
$ gpg --decrypt /etc/secure/datapartition.gpg | cryptsetup create datapartition /dev/hda2
$ mkfs -t ext2 /dev/mapper/datapartition
$ tune2fs -c 0 -i 1m /dev/mapper/datapartition

Note: Do NOT use a journaling filesystem. The explanation why not is here.

After the basic setup is made, add the partition to /etc/crypttab:

# <target device> <source device> <key file> <options>
datapartition /dev/hda2 /etc/secure/datapartition.gpg
harry/encrypted_data_partition.txt · Last modified: 2004/09/09 10:15 (external edit)
Locations of visitors to this page

Recent changes RSS feed Creative Commons License Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki