How to create a LVM encrypted partition
Be carefully with all this commands, with some of them you can erase all the data in a partition, always use ‘man’… of course, I’m using GNU/Linux.
I do this in Debian, works perfect for me, I’m working, mounting and unmounting the partition for more than a year without any problems.
Well, let’s do it…
First, create the LVM partition(in this case named lv_fun):
lvcreate -n lv_fun –size 1G VolGr01
Then, fill the partition with random data:
badblocks -s -w -t random -v /dev/mapper/VolGr01-lv_fun
Now let’s create the encrypted partition with dm-crypt and luks:
cryptsetup -y luksFormat /dev/mapper/VolGr01-lv_fun
cryptsetup luksOpen /dev/mapper/VolGr01-lv_fun crypt_fun
You must write the passphrase after this commands, use a good passphrase, a reasonable hint is using leters, numbers, some other sign and it should have 20 or more characters (just a quick hint, theres a lot to talk about this).
Use the ‘man’, you can modify a lot of parameters in the previous commands.
OK, the encrypted partition is done! Let’s make the filesystem in this:
mkfs.ext3 -j /dev/mapper/crypt_fun
e2fsck -f /dev/mapper/crypt_fun
In this case I make a ext3 FS, you can do anything else.
And it’s done!
Now you can have some privacy… just some… 😉
We only need to know how to mount and unmount it:
Mount:
cryptsetup luksOpen /dev/mapper/VolGr01-lv_fun crypt_fun && mount /dev/mapper/crypt_fun /media/fun
Umount:
umount /media/fun && cryptsetup luksClose crypt_fun
And that’s it, you have your privacy with a LVM encrypted partition.
If you can’t create a partition or you want a portable encrypted file system you can read my other post about privacy and encryption on linux:
How to create a portable encrypted file system on a loop file
Nice tutorial! works smooth and perfect!
What’s the point of putting an encrypted partition on LVM – if the volume ever needed to be resized, can it do it transparently with an encrypted LV?