Skip to content

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.
  • Labs icon Lab
  • A Cloud Guru
Google Cloud Platform icon
Labs

Create and Mount an Encrypted Block Device Using dm-crypt

In this lab you will create an encrypted block device using `dm-crypt` and LUKS. Then you will open the encrypted device and create a filesystem on it. You are working as a System Administrator at a large financial institution and have been tasked with enabling whole-disk encryption on a portable drive. The portable drive is attached as `/dev/loop0` to the user's workstation, which is running the CentOS Linux 7.7 operating system.

Try for free Contact sales
Google Cloud Platform icon
Labs

Path Info

Level
Clock icon Intermediate
Duration
Clock icon 15m
Published
Clock icon Jan 31, 2020

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

Table of Contents

  1. Challenge

    Create an Encrypted Volume on the Target Device

    Create an encrypted volume on the target device:

    $ sudo cryptsetup luksFormat /loopbackfile.img

  2. Challenge

    Open the Encrypted Volume

    Open the encrypted volume:

    $ sudo cryptsetup luksOpen /dev/loop0 encvol
$ ls /dev/mapper/ -l

  3. Challenge

    Create a Filesystem on the Encrypted Volume

    Create a filesystem on the encrypted volume:

    $ sudo mkfs.ext4 /dev/mapper/encvol
$ sudo mount /dev/mapper/encvol /mnt/

  4. Challenge

    Unmount the Filesystem and Close the Encrypted Volume

    Unmount the filesystem and close the encrypted volume:

    $ sudo umount /mnt/
$ sudo cryptsetup luksClose encvol

  5. Challenge

    Create a Keyfile and Add It to the Encrypted Volume

    Create a keyfile and add it to the encrypted volume:

    $ sudo dd if=/dev/urandom of=/root/lukskey bs=4096 count=1
$ sudo chmod 600 /root/lukskey
$ sudo cryptsetup luksAddKey /dev/loop0 /root/lukskey

  6. Challenge

    Open the Encrypted Volume Using the Keyfile and Mount the Filesystem

    Open the encrypted volume using the keyfile and mount the filesystem:

    sudo cryptsetup luksOpen /dev/loop0 encvol --key-file /root/lukskey
sudo mount /dev/mapper/encvol /mnt/
A Cloud Guru - Labs - Create and Mount an Encrypted Block Device Using dm-crypt
Author
A Cloud Guru

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.

Start learning by doing today

View Plans