====== LUKS ======
Naplnit disk náhodnými daty:
**~$ sudo dd if=/dev/urandom of=/dev/sda bs=4M status=progress**
238468+0 záznamů přečteno
238467+0 záznamů zapsáno
1000204886016 bajtů (1,0 TB, 932 GiB) zkopírováno, 29102,6 s, 34,4 MB/s
Vytvořit partition (GPT):
**~$ sudo gdisk -l /dev/sda**
GPT fdisk (gdisk) version 1.0.3
Partition table scan:
MBR: not present
BSD: not present
APM: not present
GPT: not present
Creating new GPT entries.
Command (? for help): n
Partition number (1-128, default 1):
First sector (34-1953525134, default = 2048) or {+-}size{KMGTP}:
Last sector (2048-1953525134, default = 1953525134) or {+-}size{KMGTP}:
Current type is 'Linux filesystem'
Hex code or GUID (L to show codes, Enter = 8300):
Changed type of partition to 'Linux filesystem'
Command (? for help): w
Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!
Do you want to proceed? (Y/N): y
OK; writing new GUID partition table (GPT) to /dev/sda.
The operation has completed successfully.
Kontrola:
**~$ lsblk**
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 931,5G 0 disk
└─sda1 8:1 0 931,5G 0 part
**~$ sudo gdisk -l /dev/sda**
GPT fdisk (gdisk) version 1.0.3
Partition table scan:
MBR: protective
BSD: not present
APM: not present
GPT: present
Found valid GPT with protective MBR; using GPT.
Disk /dev/sda: 1953525168 sectors, 931.5 GiB
Model: HD650
Sector size (logical/physical): 512/4096 bytes
Disk identifier (GUID): 684CCBB4-EEA4-4C92-BC2A-6D16D1B0ADF8
Partition table holds up to 128 entries
Main partition table begins at sector 2 and ends at sector 33
First usable sector is 34, last usable sector is 1953525134
Partitions will be aligned on 2048-sector boundaries
Total free space is 2014 sectors (1007.0 KiB)
Number Start (sector) End (sector) Size Code Name
1 2048 1953525134 931.5 GiB 8300 Linux filesystem
**~$ sudo cryptsetup luksFormat /dev/sda1**
WARNING!
========
Toto nevratně přepíše data na /dev/sda1.
Are you sure? (Type uppercase yes): YES
Zadejte heslo pro /dev/sda1:
Ověřte heslo:
**~$ sudo cryptsetup -v luksOpen /dev/sda1 red**
Zadejte heslo pro /dev/sda1:
Pozice klíče 0 odemknuta.
Příkaz úspěšně vykonán.
**~$ lsblk**
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 931,5G 0 disk
└─sda1 8:1 0 931,5G 0 part
└─red 254:3 0 931,5G 0 crypt
**~$ sudo mkfs.ext4 /dev/mapper/red**
mke2fs 1.44.5 (15-Dec-2018)
Creating filesystem with 244186289 4k blocks and 61046784 inodes
Filesystem UUID: eecd9db7-a672-43e5-b286-335766bedf88
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424, 20480000, 23887872, 71663616, 78675968,
102400000, 214990848
Allocating group tables: done
Writing inode tables: done
Creating journal (262144 blocks): done
Writing superblocks and filesystem accounting information: done
**~$ sudo mkdir /mnt/RED**
**~$ sudo mount /dev/mapper/red /mnt/RED**
**~$ lsblk**
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 931,5G 0 disk
└─sda1 8:1 0 931,5G 0 part
└─red 254:3 0 931,5G 0 crypt /mnt/RED
**~$ mount | grep -i red**
/dev/mapper/red on /mnt/RED type ext4 (rw,relatime)
Občas se stane, že napoprvé se oddíl přimountuje jako ro (read-only), stačí jej odpojit a připojit znovu (umount ... / mount ...).
FIXME
* luksClose
* záloha LUKS hlavičky