Skip to content

Instantly share code, notes, and snippets.

@fxkraus

fxkraus/ubuntu-luks-encrypted-usb-drive.md

Last active July 7, 2017 07:26
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save fxkraus/eda39826a2d5729d976f0566dd80e0d9 to your computer and use it in GitHub Desktop.
Save fxkraus/eda39826a2d5729d976f0566dd80e0d9 to your computer and use it in GitHub Desktop.
Download ZIP
Ubuntu LUKS encrypted usb backup partition
Raw
ubuntu-luks-encrypted-usb-drive.md

Encrypted

Install required packages

sudo apt-get update && sudo apt-get install -y cryptsetup

Overwrite existing partition table (optional)

sudo dd if=/dev/zero of=/dev/sdb bs=512 count=1

Create partition table and partition

sudo fdisk /dev/sdb

Encrypt the partition

sudo cryptsetup --verify-passphrase luksFormat /dev/sdb1 -c aes -s 256 -h sha512

Create Filesystem

sudo cryptsetup luksOpen /dev/sdb1 backup
sudo mkfs -t ext4 -m 0 /dev/mapper/backup

Manually mount partition

sudo mkdir /mnt/backup
sudo chown yourusername:yourusername /mnt/backup/

Automatically mount partition

mkdir ~/secrets
sudo chmod 0700 ~/secrets
dd if=/dev/random of=~/secrets/backup_stick.key bs=512 count=1
sudo cryptsetup luksAddKey /dev/sdb1 ~/secrets/backup_stick.key
sudo chmod 0400 ~/secrets/~/secrets/backup_stick.key

usb device uuid

blkid

add do /etc/fstab

UUID=THE_PARTITION_UUID /mnt/backup     ext4    nofail,auto,noatime,rw,user 0 1

usb device serial number

/bin/udevadm info --name=/dev/sdb | grep -i serial_short

udev rule: /etc/udev/rules.d/98-backup-drive.rules

ACTION=="add", SUBSYSTEM=="block", ENV{DEVTYPE}=="partition", ATTRS{serial}=="THE_DEVICE_SERIAL_NUMBER", \
RUN+="/sbin/cryptsetup --key-file /home/krausf/secrets/backup_stick.key luksOpen $env{DEVNAME} backup-stick"
ACTION=="add|change", SUBSYSTEM=="block", ENV{DM_NAME}=="backup-stick", \
RUN+="/bin/mount /dev/mapper/$env{DM_NAME}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment