When you’re done simply eject the drive like normal or (with the LUKS partition highlighted) press the lock button in Disks. You can now copy files to your mounted virtual drive. Disks will format the file and even auto-mount it for you. Click Format, confirm the action and you’re done. In the image above the settings will format the drive to LUKS and then create an ext4 filesystem within the encrypted LUKS one. Make sure you do this for the correct ‘drive’ so that you don’t accidentally format your real hard drive! Please use a better passwordįrom this popup you can select the filesystem type and even name the drive. Press the little button with two gears right below the attached volume and click Format. This will attach the file, as if it were a real hard drive, to your computer: If you leave this checked you won’t be able to format or write anything to the volume. Don’t forget to uncheck the box!īe sure to uncheck “Set up read-only loop device”. From the menu in Disks, select Disks -> Attach Disk Image and browse to your newly created file (i.e. There are ways to do this in the terminal but for the purpose of this guide I’ll be showing how to do it all within gnome-disk-utility. Step 2: Format the file using LUKS + ext4 create-randomized-file-volume.sh 500 MySecrets.img Just save the above script to a file, say “create-randomized-file-volume.sh”, mark it as executable and run it like this: #. Here is a handy script that you can use to slightly automate this process: #!/bin/bashĮcho Usage: Įcho Creating $FILE with a size of $MBĭd if=/dev/urandom of=$FILE bs=1M count=$SIZE # dd if=/dev/urandom of=MySecrets.img bs=1M count=500 The easiest way is to run the following commands which will create the file and then fill it with random noise: # fallocate -l įor example let’s say you wanted a 500MiB file container called MySecrets.img, just run this command: # fallocate -l 500M MySecrets.img Step 1: Create a file to house your encrypted volume Also note that while LUKS offers a lot of options in terms of cipher/digest/key size/etc, this guide will try to keep it simple and just use the defaults. The following steps borrow heavily from a previous post so you should go read that if you want more details on some of the commands below. How to create an encrypted LUKS file container If you are familiar with the terminology in TrueCrypt you can think of LUKS as offering both full disk encryption and standard file containers. As I understand it this is being talked about for the LUKS 2.0 spec but is currently not a feature. TrueCrypt supports cipher cascades where the data is encrypted using multiple different algorithms just in case one of them is broken at some point in the future.TrueCrypt allowed you to encrypt a volume in-place, without losing data, LUKS does not.TrueCrypt supported the concept of hidden volumes, LUKS does not.There are a number of major differences between TrueCrypt and LUKS that you may want to be aware of: This guide will show you how to create encrypted file volumes, just like you could using TrueCrypt. One such alternative, on Linux anyway, is the Linux Unified Key Setup (or LUKS) which allows you to encrypt disk volumes. With the recent questions surrounding the security of TrueCrypt there has been a big push to move away from that program and switch to alternatives.
0 Comments
Leave a Reply. |