sudo apt-get update && sudo apt-get install -y cryptsetup
sudo dd if=/dev/zero of=/dev/sdb bs=512 count=1
sudo fdisk /dev/sdb
sudo cryptsetup --verify-passphrase luksFormat /dev/sdb1 -c aes -s 256 -h sha512
sudo cryptsetup luksOpen /dev/sdb1 backup
sudo mkfs -t ext4 -m 0 /dev/mapper/backup
sudo mkdir /mnt/backup
sudo chown yourusername:yourusername /mnt/backup/
mkdir ~/secrets
sudo chmod 0700 ~/secrets
dd if=/dev/random of=~/secrets/backup_stick.key bs=512 count=1
sudo cryptsetup luksAddKey /dev/sdb1 ~/secrets/backup_stick.key
sudo chmod 0400 ~/secrets/~/secrets/backup_stick.key
usb device uuid
blkid
add do /etc/fstab
UUID=THE_PARTITION_UUID /mnt/backup ext4 nofail,auto,noatime,rw,user 0 1
usb device serial number
/bin/udevadm info --name=/dev/sdb | grep -i serial_short
udev rule: /etc/udev/rules.d/98-backup-drive.rules
ACTION=="add", SUBSYSTEM=="block", ENV{DEVTYPE}=="partition", ATTRS{serial}=="THE_DEVICE_SERIAL_NUMBER", \
RUN+="/sbin/cryptsetup --key-file /home/krausf/secrets/backup_stick.key luksOpen $env{DEVNAME} backup-stick"
ACTION=="add|change", SUBSYSTEM=="block", ENV{DM_NAME}=="backup-stick", \
RUN+="/bin/mount /dev/mapper/$env{DM_NAME}"