At another post https://www.gonscak.sk/?p=201 I posted how to create raid1 software raid with mdadm in linux. Now I tried to add a crypted filesystem to this.
First, check, that we have working software raid:
sudo mdadm --misc --detail /dev/md0
/dev/md0:
Version : 1.2
Creation Time : Wed Aug 22 09:34:23 2018
Raid Level : raid1
Array Size : 1953381440 (1862.89 GiB 2000.26 GB)
Used Dev Size : 1953381440 (1862.89 GiB 2000.26 GB)
Raid Devices : 2
Total Devices : 2
Persistence : Superblock is persistent
Intent Bitmap : Internal
Update Time : Thu Aug 23 14:18:50 2018
State : active
Active Devices : 2
Working Devices : 2
Failed Devices : 0
Spare Devices : 0
Consistency Policy : bitmap
Name : gw36:0 (local to host gw36)
UUID : ded4f30e:1cfb20cb:c10b843e:df19a8ff
Events : 3481
Number Major Minor RaidDevice State
0 8 17 0 active sync /dev/sdb1
1 8 33 1 active sync /dev/sdc1
Now, we synced drives and clean. It is time to encrypt. If we have not loaded modules for encryption, load it:q
modprobe dm-cryptNow create the volume with passphrase:
sudo cryptsetup --cipher=aes-xts-plain --verify-passphrase --key-size=512 luksFormat /dev/md0
And we can open it:
sudo cryptsetup luksOpen /dev/md0 cryptdisk
Now we can create as many times a physical volume, volume group and logical volume.
sudo pvcreate /dev/mapper/cryptdisk sudo vgcreate raid1 /dev/mapper/cryptdisk sudo lvcreate --size 500G --name lv-home raid1 sudo pvs PV VG Fmt Attr PSize PFree /dev/mapper/cryptdisk raid1 lvm2 a-- <1,82t 1,33t sudo vgs VG #PV #LV #SN Attr VSize VFree raid1 1 1 0 wz--n- <1,82t 1,33t sudo lvs LV VG Attr LSize lv-home raid1 -wi-ao---- 500,00g
Next, we create a filesystem on this logical volume:
sudo mkfs.ext4 /dev/mapper/raid1-lv--home
And we can mount it:
sudo mount /dev/mapper/raid1-lv--home crypt-home/
Now we have an encrypted partition (disk) for our home directory.
Total Page Visits: 5139 - Today Page Visits: 1