Cryptsetup is a utility used to conveniently set up disk encryption based on the DMCrypt kernel module. These include plain dm-crypt volumes, LUKS volumes, loop-AES, TrueCrypt (including VeraCrypt extension), and BitLocker formats. LUKS is the standard for Linux hard disk encryption. By providing a standard on-disk-format, it does not only facilitate compatibility among distributions but also provides secure management of multiple user passwords. LUKS stores all necessary setup information in the partition header, enabling to transport or migrate data seamlessly. Here are some interesting articles: How to add a new partition to an existing Linux server, ESXI 6.7 ALARM: Seat disk exhaustion on 10, and how to setup up WatchGuard Log and Report Server in a VM.
Cryptsetup utility that is used for configuring encrypted filesystems, To get started, you need to have the have the cryptsetup-luks package installed. Use the fdisk –l or blkid command to get a list of available partitions. For the purpose of this tutorial, I created a new partition called loop2
Before we go further, it is very important you have the data on that partition backed up before encryption because the encryption process will overwrite whatever data you have on that partition
cryptsetup --verbose --verify-passphrase luksFormat /dev/partition-name
Type yes in block letters to proceed. (pay attention to the warning.) After which, you will be required to input a password.
cryptsetup luksOpen /dev/partition-name partition-name
This command will prompt you for the password you used for the encryption
Once it is opened, the already encrypted partition is automatically mapped out to dev/mapper/partition-name and a quick delve into the fdisk –l command will confirm just that.
To start using this partition, you will need to format the partition with a filesystem of your choice and then mount it. I used the mkfs command in my own case
mkfs.ext4 /dev/mapper/partition-name
Thats how to encrypt with cryptsetup. I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.