In this post we are going to encrypt a volume in Linux system.To encrypt the volume we will use LUKS(Linux Unified Key Setup) to encrypt the volumes.
What is the use of Encryption?
In order to secure the data stored in the HDD from physical HDD theft. For example if your laptop is stolen, and it contains confidential personal/official data, it can easily misused. Which may led to loss for a company or personally. By encrypting the volume in Linux user LUKS you can prevent data being misused. Let learn how to encrypt the volumes using LUKS.
RHEL / CentOS / Oracle / Scientific Linux user type the following yum command
# yum install
After installing the binary successfully, run the following commands to encrypt the volumes.
# cryptsetup luksFormat /dev/xvdf
Once you run the above command you will be seeing the below output.
This will overwrite data on /dev/xvdf
irrevocably. Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
To encrypt the volume type “YES” in uppercase followed by the key(password) to encrypt the volume. The luksFormat sets an initial key or passphrase for the volume
#cryptsetup luksOpen /dev/xvdf mappername
Output #Enter passphrase for /dev/xvdf:
After creating the mapped for the encrypted volume you need to format the volume and mount to the directory.
#mount /dev/mapper/mappername /encrypted_volume
Please follow the below to steps to remove the encrypted volume. First,you need to umount the encrypted volume you wanted to remove. To umount run the below command.
Remove the mapper created by running the below command.
#cryptsetup luksClose /dev/mapper/mappername
Note: In case if you forgot the password used for volume encryption, the data are not recoverable so do not forget password.