UPDATE: I have suffered some sort of corruption with this approach. As a result I do not recommend the instructions below. I encourage you to look into more solid loopback encryption techniques.
Also please see [[e/01211]].
This fallible approach is also known as encryption over LVM.
I created the logical volume from the volume group ‘x61’.
sudo lvcreate -n crypt -L 12.27GB x61
This will prompt you for a password. Don’t forget it!
sudo cryptsetup create crypt /dev/x61/crypt x61:~% sudo cryptsetup status crypt /dev/mapper/crypt is active: cipher: aes-cbc-plain keysize: 256 bits device: /dev/dm-4 offset: 0 sectors size: 25739264 sectors mode: read/write
Create the ext3 filesystem:
sudo mke2fs -j -O dir_index,filetype,sparse_super /dev/mapper/crypt
Setup the crypttab to tell the system how to unlock the disk
x61:~% cat /etc/crypttab # <target name> <source device> <key file> <options> crypt /dev/x61/crypt none checkargs=ext2,noauto
An fstab line to mount it
x61:~% grep crypt /etc/fstab /dev/mapper/crypt /home/hendry/crypt ext3 defaults,noauto,user 0 0
SO to start using my special encrypted folder, I now have to run:
sudo cryptdisks_start crypt mount /home/hendry/crypt
So here is what I have my disk & LVM finally setup as:
x61:~% sudo lvscan ACTIVE '/dev/x61/root' [16.68 GB] inherit ACTIVE '/dev/x61/swap_1' [2.59 GB] inherit ACTIVE '/dev/x61/home' [80.00 GB] inherit ACTIVE '/dev/x61/crypt' [12.27 GB] inherit x61:~% sudo pvscan PV /dev/sda5 VG x61 lvm2 [111.55 GB / 4.00 MB free] Total: 1 [111.55 GB] / in use: 1 [111.55 GB] / in no VG: 0 [0 ]
Furthermore, encrypting a swap partition.