本例加密硬盘/dev/sdb
Step1:创建加密
root@AWS:~# cryptsetup luksFormat /dev/sdb
WARNING!
========
这将覆盖 /dev/sdb 上的数据,该动作不可取消。
Are you sure? (Type uppercase yes): YES
输入 /dev/sdb 的口令:
确认密码:
root@AWS:~#
Step2:创建挂载点
root@AWS:~# mkdir /lfs
Step3:映射分区
root@AWS:~# cryptsetup luksOpen /dev/sdb lfs
输入 /dev/sdb 的口令:
root@AWS:~#
Step4:格式化、挂载分区
root@AWS:~# mkfs.ext4 /dev/mapper/lfs
mke2fs 1.44.5 (15-Dec-2018)
Creating filesystem with 18345984 4k blocks and 4587520 inodes
Filesystem UUID: f92ea6b3-2871-4000-bce9-a8aab7a7cf3d
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424
Allocating group tables: done
Writing inode tables: done
Creating journal (131072 blocks): done
Writing superblocks and filesystem accounting information:
done
root@AWS:~#
root@AWS:~# mount /dev/mapper/lfs /lfs
Step5:格式化、挂载分区
root@AWS:~# vi /etc/fstab
UUID="f92ea6b3-2871-4000-bce9-a8aab7a7cf3d" /lfs ext4 defaults 0 0
Step6:设置自动加密挂载
root@AWS:~# touch /root/cryptpasswd
root@AWS:~# cryptsetup luksAddKey /dev/sdb /root/cryptpasswd
root@AWS:~# vi /etc/crypttab