Doing it through an GUI is simple, these steps are for the terminal.
Why encrypt your drives?
- Privacy: If someone steals your computer, they can’t access your data.
- Security: If someone steals your computer, they can’t access your data.
Encrypting a partition
You can get the device name of the partition you want to encrypt by running lsblk
or fdisk -l
.
Format the partition with LUKS:
$ sudo cryptsetup luksFormat /dev/sdX1
- Replace
/dev/sdX1
with the device name of the partition you want to encrypt.
- Replace
Open the encrypted partition:
$ sudo cryptsetup open /dev/sdX1 <name>
- Replace
<name>
with a name for the partition (eg enc_drive).
- Replace
Create a filesystem on the encrypted partition:
$ sudo mkfs.ext4 /dev/mapper/<name>
Mounting an encrypted partition
You are probaly going to want to mount the encrypted partition after you’ve encrypted it.
Open the encrypted partition (if it’s not already open):
$ sudo cryptsetup open /dev/sdX1 <name>
- Replace
<name>
with the name of the encrypted partition.
- Replace
Create a mounting point and mount the encrypted partition:
$ sudo mkdir /mnt/<name>/
$ sudo mount /dev/mapper/<name> /mnt/<name>/
Unmounting the drive
It’s different from unmounting a regular partition. You need to unmount the partition and close the encrypted partition.
Unmount the partition:
$ sudo umount /mnt/<name>/
Close the encrypted partition:
$ sudo cryptsetup close <name>