Friday, April 25, 2014

Luks and GPG setup

LUKS [Linux Unified Key Setup]

- Luks  ~ Linux unified key setup is used to encrypt a disk partition

Steps :

1.    Create a empty partition
# dd if=/dev/urandom of=/dev/sdaX       
Note: This will fill /dev/sdaX with garbage data

2.    Format the partition using encrypt LUKS
# cryptsetup LuksFormat /dev/sdaX      
        Warning         : Yes
        Enter LUKS password    : redhat

3. Open the partition with the name and with the password.
# cryptsetup luksopen /dev/sdaX secret   
Note: secret=anyname; enter same password as above when prompted.

4.     Format the patition with ext4 fs type.
# mkfs.ext4 /dev/mapper/scret

5.    Add entry to crypttab,
# vi /etc/crypttab
        secret /dev/sdaX    none
        :wq

6. Add entry to survive the mount upom reboot.
  # vi /etc/fstab
        Insert mode
        /dev/mapper/secret  /mnt  ext4  defaults 0 0
        :wq
7.    Mount the FS.
# mount -a   

Now, reboot your machine.
You will be always prompted to enter LUKS password

--------------------------------------------------------------------------
GPG [Gun Privacy Guard Key Encryption]


- GPG stands for Gun Privacy Key Encryption
- It is used to encrypt the data file, which can sent over the wire securely.
- Wrong password used to decrypt the data once with corrupt it.


To Encrypt :

# cat >mylok
# gpg -c mylok
  Enter password

To Decrypt :

# gpg mylok.gpg           
Note: mylok and mylok.gpg are now 2 different files

To Encrypt [ASCII]

# gpg -c -a mylok            // mylok.asc file creared
  Enter password

------------------------------------------------------------------------

No comments:

Post a Comment