In this hands-on lab, we will learn how to encrypt a storage medium, such as a USB stick or SD card. When a storage device is encrypted, no one can access the data on it without the correct key. That way, even if you lose the device, the data on the device will remain secret.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Install the `cryptsetup` Utility
- Run the following command:
sudo yum install cryptsetup-luks
- Run the following command:
- Encrypt and Format the Storage Device
- List all of the available storage devices.
sudo fdisk -l - Locate the device that is approximately 3 GB in size and has no partitions.
- Encrypt and format the device.
sudo cryptsetup -y -v luksFormat <DEVICE_NAME>
- List all of the available storage devices.
- Configure the Storage Device
- Open the device.
sudo cryptsetup luksOpen <DEVICE_NAME> LA - Check the status of the device.
sudo cryptsetup -v status LA - Find the header information for the device.
sudo cryptsetup luksDump <DEVICE_NAME> - Clear the device.
sudo dd if=/dev/zero of=/dev/mapper/LA bs=128 - Create a filesystem on the device.
sudo mkfs.ext4 /dev/mapper/LA - Create a new directory to serve as the mount point.
mkdir LA - Mount the filesystem.
sudo mount /dev/mapper/LA LA/
- Open the device.
- Unmount and Lock the Device
- Unmount the device.
sudo umount LA/ - Lock the device.
sudo cryptsetup luksClose LA
- Unmount the device.
