wanting to fill in some gaps in luks-encrypted filesystems on ubuntu

Robert P. J. Day rpjday at crashcourse.ca
Sun Apr 10 07:06:25 UTC 2011 

  i'm whipping up a bunch of short tutorials that will eventually go
into a sys admin course, and right now, i'm putting one together for
how to create a luks-encrypted filesystem on ubuntu 10.10, so i have a
couple questions.

  i'm following along here:

http://myotragusbalearicus.wordpress.com/2010/11/15/create-an-encrypted-filesystem-with-luks-on-ubuntu/

and here's the first part of that page:

$ sudo apt-get install -y cryptsetup
$ sudo modprobe sha256
$ sudo modprobe dm_crypt
$ sudo modprobe dm_mod
$ sudo modprobe aes

  my first tweak is that the modules on ubuntu appear to be
sha256_generic and aes_generic, not just sha256 and aes; also, dm_mod
appears to be built into the kernel in the standard ubuntu install.
no big deal, just trying to be accurate.

  next, we have:

$ sudo cryptsetup luksFormat -c aes -h sha256 /dev/sdb1

which seems to work fine, but after that command is run, is there
anything i can run that would *show* that that partition is now a
luks-formatted partition?  i'm always interested in commands that will
display the result of an action, but i'm not aware of anything that
will show me that.  running "fdisk -l /dev/sdb" shows just a regular
linus partition.  is there something else that would reveal that
partition to be luks-formatted at this point?

  moving on to opening the new luks filesystem:

$ sudo cryptsetup luksOpen /dev/sdb1 luksfs

as long as that step succeeds, i can see the result with:

$ ls -l /dev/mapper/luksfs
lrwxrwxrwx 1 root root 7 2011-04-10 03:01 /dev/mapper/luksfs -> ../dm-2
$

so that's my confirmation for that step.  are there any other commands
that would be informative to run that would show any other information
at this point?

  finally, if i'm creating this filesystem for the first time, i need
to format it:

$ sudo mkfs.ext4 /dev/mapper/luksfs

at which point, i could use any of the standard ext* fs utilities to
dump the details of that new filesystem, then mount it, etc, etc.  and
at the end, umount and luksClose the filesystem.

  a very simple walkthrough for luks filesystems.  any other cool
things the student would find interesting?

rday

-- 

========================================================================
Robert P. J. Day                                 Ottawa, Ontario, CANADA
                        http://crashcourse.ca

Twitter:                                       http://twitter.com/rpjday
LinkedIn:                               http://ca.linkedin.com/in/rpjday
========================================================================

More information about the ubuntu-users mailing list