Note: This procedure has not yet been verified. Its just theory!!!
For this procedure I assume that the data partition is on
Moreover, its much more secure to use a secure key here once again.
Required steps are:
$ shred --verbose /dev/hda2 $ gpg --decrypt /etc/secure/datapartition.gpg | cryptsetup create datapartition /dev/hda2 $ mkfs -t ext2 /dev/mapper/datapartition $ tune2fs -c 0 -i 1m /dev/mapper/datapartition
Note: Do NOT use a journaling filesystem. The explanation why not is here.
After the basic setup is made, add the partition to
# <target device> <source device> <key file> <options> datapartition /dev/hda2 /etc/secure/datapartition.gpg