Create an encrypted file luks container

Today, we well create an encrypted file container with some key-file needed to open this container.

At the beginning, we must create a file at size we want. I create a 200GB file with random data:

dd if=/dev/urandom of=/mnt/example/ssd/private.img bs=2M count=102400
...
214748364800 bytes (215 GB, 200 GiB) copied, 1896,49 s, 113 MB/s

Now, create a key file, needed for open this file, again with random data. But it can be file of any type – photo, documents, video, movie…

dd if=/dev/urandom of=/mnt/example/ssd/secret.bin bs=1024 count=1 
...
1024 bytes (1,0 kB, 1,0 KiB) copied, 0,000155504 s, 6,6 MB/s

Now, format this file with luks. Be sure, that your password is strong. And answer YES to question:

cryptsetup luksFormat -v /mnt/example/ssd/private.img /mnt/example/ssd/secret.bin 

Now, we unlock this file:

sudo cryptsetup -v luksOpen /mnt/example/ssd/encrypted.img myEncryptedVolume -–key-file /mnt/example/ssd/secret.bin 

And check status of this luks container:

sudo cryptsetup -v status myEncryptedVolume

/dev/mapper/myEncryptedVolume is active.
  type:    LUKS2
  cipher:  aes-xts-plain64
  keysize: 512 bits
  key location: keyring
  device:  /dev/loop24
  loop:    /mnt/example/ssd/encrypted.img
  sector size:  512
  offset:  32768 sectors
  size:    419397632 sectors
  mode:    read/write
Command successful.

And now, like commands bellow, we close, open and format our file. Then mount it and copy files there 🙂

sudo cryptsetup luksClose myEncryptedVolume
sudo cryptsetup -v luksOpen /mnt/example/ssd/encrypted.img myEncryptedVolume -–key-file /mnt/example/ssd/secret.bin 
sudo cryptsetup -v status myEncryptedVolume
sudo mkfs -t ext4 /dev/mapper/myEncryptedVolume
mkdir /home/privates
sudo mount /dev/mapper/myEncryptedVolume /home/privates
...copy files there...
sudo umount /home/privates
sudo cryptsetup luksClose myEncryptedVolume

And that all 🙂

Total Page Visits: 772 - Today Page Visits: 2