Verschlüsselte USB Platte mit LUKS erstellen

  Generic
   d   delete a partition
   F   list free unpartitioned space
   l   list known partition types
   n   add a new partition
   p   print the partition table
   t   change a partition type
   v   verify the partition table
   i   print information about a partition

  Misc
   m   print this menu
   x   extra functionality (experts only)

  Script
   I   load disk layout from sfdisk script file
   O   dump disk layout to sfdisk script file

  Save & Exit
   w   write table to disk and exit
   q   quit without saving changes

  Create a new label
   g   create a new empty GPT partition table
   G   create a new empty SGI (IRIX) partition table
   o   create a new empty DOS partition table
   s   create a new empty Sun partition table

neue Partitionstabelle erstellen mit

g
w

sollt eine (zusätzliche) NTFS Partition eingerichtet werden, vorzugsweise unter Windows mit der Datenträgerverwaltung erstellen, Der Einfachheit halber die zu verschlüsselnde EXT4 Partition mit Gparted/parted.

LUKS Modul in Linux laden und die zweite EXT4 Partition verschlüsseln,

modprobe dm-crypt
cryptsetup luksFormat /dev/sdc2

öffnen und einbinden mit

cryptsetup luksOpen /dev/sdc2 USBCRYPT
mkdir /home/username/USBCRYPT
mount /dev/mapper/USBCRYPT /home/username/USBCRYPT

zum aushängen

umount /home/username/USBCRYPT
cryptsetup luksClose USBCRYPT

LVS erstellen mit LUKS

PV „Physical Volume“

pvcreate /dev/sdc
pvs /dev/sdc
 PV         VG Fmt  Attr PSize   PFree   
 /dev/sdc      lvm2 ---  120.00g 120.00g

pvdisplay /dev/sdc
 "/dev/sdc" is a new physical volume of "120.00 GiB"
 --- NEW Physical volume ---
 PV Name               /dev/sdc
 VG Name                
 PV Size               120.00 GiB
 Allocatable           NO
 PE Size               0    
 Total PE              0
 Free PE               0
 Allocated PE          0
 PV UUID               xxxx-xxxxi-xxxxxxx-xxxx-xxxx-xxxxM

VG „Volume Group“

vgcreate vg00 /dev/sdc
vgdisplay vg00
  --- Volume group ---
  VG Name               vg00
  System ID             
  Format                lvm2
  Metadata Areas        1
  Metadata Sequence No  1
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                0
  Open LV               0
  Max PV                0
  Cur PV                1
  Act PV                1
  VG Size               <120.00 GiB
  PE Size               4.00 MiB
  Total PE              30719
  Alloc PE / Size       0 / 0   
  Free  PE / Size       30719 / <120.00 GiB
  VG UUID               xxx-xxx-x-x-xxx--xxx

LV „Logical Volume“

lvcreate -L 30G -n lv00 vg00

Format LVM Partition

mkfs.ext4 /dev/vg00/lv00

mke2fs 1.47.0 (5-Feb-2023)
Creating filesystem with 7864320 4k blocks and 1966080 inodes
Filesystem UUID: 3fad8a83-9051-4dd8-8dd7-9a7c65669b20
Superblock backups stored on blocks:  
       32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,  
       4096000

Allocating group tables: done                             
Writing inode tables: done                             
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

LVM verschlüsseln

cryptsetup luksFormat /dev/mapper/vg00-lv00

LVM Crypt öffnen und mounten

cryptsetup luksOpen /dev/mapper/vg00-lv00 lvmcrypt