wanting to fill in some gaps in luks-encrypted filesystems on ubuntu

i'm whipping up a bunch of short tutorials that will eventually go
into a sys admin course, and right now, i'm putting one together for
how to create a luks-encrypted filesystem on ubuntu 10.10, so i have a
couple questions.

i'm following along here:


and here's the first part of that page:

$ sudo apt-get install -y cryptsetup
$ sudo modprobe sha256
$ sudo modprobe dm_crypt
$ sudo modprobe dm_mod
$ sudo modprobe aes

my first tweak is that the modules on ubuntu appear to be
sha256_generic and aes_generic, not just sha256 and aes; also, dm_mod
appears to be built into the kernel in the standard ubuntu install.
no big deal, just trying to be accurate.

next, we have:

$ sudo cryptsetup luksFormat -c aes -h sha256 /dev/sdb1

which seems to work fine, but after that command is run, is there
anything i can run that would *show* that that partition is now a
luks-formatted partition? i'm always interested in commands that will
display the result of an action, but i'm not aware of anything that
will show me that. running "fdisk -l /dev/sdb" shows just a regular
linus partition. is there something else that would reveal that
partition to be luks-formatted at this point?

moving on to opening the new luks filesystem:

$ sudo cryptsetup luksOpen /dev/sdb1 luksfs

as long as that step succeeds, i can see the result with:

$ ls -l /dev/mapper/luksfs
lrwxrwxrwx 1 root root 7 2011-04-10 03:01 /dev/mapper/luksfs -> ../dm-2

so that's my confirmation for that step. are there any other commands
that would be informative to run that would show any other information
at this point?

finally, if i'm creating this filesystem for the first time, i need
to format it:

$ sudo mkfs.ext4 /dev/mapper/luksfs

at which point, i could use any of the standard ext* fs utilities to
dump the details of that new filesystem, then mount it, etc, etc. and
at the end, umount and luksClose the filesystem.

a very simple walkthrough for luks filesystems. any other cool
things the student would find interesting?



Robert P. J. Day Ottawa, Ontario, CANADA

Twitter: http://twitter.com/rpjday
LinkedIn: http://ca.linkedin.com/in/rpjday

ubuntu-users mailing list
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

Relevant Pages

  • Re: how to save back partition table
    ... Is there any way to save it back, no matter use any tool under XP or ubuntu? ... Before doing any further configurations you should backup your hard disk. ... Guess PC disk partition table, ... Currently supported filesystem or partition types: ...
  • Re: No wired or wireless network
    ... specifically for when someone uses multiple different Linux installs which I ... Upgrading Ubuntu can be a bit fraught. ... As an Ubuntu root partition need only be small by modern standards - ... I have lost data on every allegedly-robust filesystem known to man. ...
  • Re: multiple hard drives
    ... I need help installing my 2nd and 3rd hard drives. ... system and I have installed Ubuntu 6.06 Desktop for Athlon 64. ... extended partition with all remaining space on the drive. ... filesystem with an added journal for recovery). ...
  • Re: Cannot read partitions
    ... After installing Ubuntu, the user could read each of these partitions ... That is the UUID for /dev/hda1, the partition that I changed to jfs. ... UUIDs are set on a _filesystem_, ...
  • Re: Adding codepages
    ... How to install nls_iso8859-8.ko on Ubuntu? ... $ sudo modprobe nls_iso8859-8.ko ... Why is top-posting such a bad thing? ...