Efs basically
provide encryption over the partition or hard disk. It works on LUKS
(linux unifine keys setup) utility.
Tool = cryptosetup
step 1 #yum install crypto* -y (install the paccage.)
step 2 # create partition with 2G (this is not mendetory you can give any size.)
#cryptsetup luksFormat /dev/sda5 (after luks all firsl starting character in capital.)
YES (type yes in capital)
(******) (type password)
(******) (again)
How to chack mapper points ?
#ll /dev/mapper (show presant mapper)
#cryptsetup luksOpen /dev/sda5 storage (make mapper over on partition with name storage)
#mkfs.ext4 /dev/mapper/storage (format mapper storage)
#mkdir /crypt
#mount /dev/mapper/storage /crypt (temprory mount mapper on /crypt)
#vim /etc/fstab
/dev/mapper/storage /crypt ext4 defaults 0 0
:wq!
(for permanent
mount make this entry in fstab save and quit)
#mount -a
#mount
#df -TH (show all size)
#vim /etc/crypttab
storage /dev/sda5 (password) which is you set in starting of the cryptFormat
:wq!
(leave it once
without password and restart the system u can see the password on
booting.)
#dd if=/dev/urandom of=key bs=4096 count=1
(to make a random
password key )
#dd if=/dev/urandom (to create randoom file)
#cryptsetup luksAddKey /dev/sda5 /root/key
(to add key in
root for partition 5)
#chmod 400 /root/key (set the permission on root/key )
#vim /etc/crypttab
storage /dev/sda5 /root/key
:wq!
#umount /crypt/
#cryptsetup luksClose /dev/mapper/storage
#ll /dev/mapper
#cd /crypt
#ls
#cd
#cryptsetup luksOpen /dev/sda5 storage
#ll /dev/mapper
#mount /crypt
#cd /crypt
#ls
#man cryptsetup (read all the manuel of the cryptsetup)
No comments:
Post a Comment