Questions tagged [luks]

The Linux Unified Key Setup or luks is a disk-encryption specification created by Clemens Fruhwirth in 2004 and originally intended for linux.

While most disk encryption software implements different and incompatible, undocumented formats, LUKS specifies a platform-independent standard on-disk format for use in various tools. This not only facilitates compatibility and interoperability amongst different programs, but also assures that they all implement password management in a secure and documented manner.

The reference implementation for LUKS operates on Linux and is based on an enhanced version of cryptsetup, using dm-crypt as the disk encryption backend. Under Microsoft Windows, LUKS-encrypted disks can be used with LibreCrypt (formerly DoxBox).

References:

Official Website

59 questions

votes

0 answers

Getting a mount error when trying to mount device at another mount point after cryptsetup opened LUKS device

I am using Ubuntu 22.04 and would like to mount an opened LUKS device (USB pen drive) in /media/user_name/... for it to show up in the Ubuntu file explorer. When inserting the drive a dialog immediately opens asking for a password to unlock the…

linux mount mount-point luks

asked Oct 31 '22 at 21:28

Jokko

votes

0 answers

How to shutdown a luks encrypted server if not unlocked in 5 minutes?

I have a Debian server with an encrypted luks partition and I would like to run the following command before switch_Root shutdown -H +5 I tried to put a script in/etc/initramfs-tools/scripts/init-top but the shutdown command is not working in…

unix debian system-administration luks

asked Oct 17 '22 at 09:44

George

votes

1 answer

Mapping nested device mapper mounts back to their physical drive

Looking for a reliable (and hopefully simple) way to trace a directory in an lvm or other dm mounted fs back to the physical disk it resides on. Goal is to get the model and serial number of the drive no matter where the script wakes up. Not a…

loopback lvm luks

asked Sep 27 '22 at 10:32

netdxr

votes

0 answers

How do we run a key script in initramfs to unlock cryptsetup LUKS volume

Does anyone know how to unlock the LUKS encrypted partition using key script? The idea is to run the keyscript in order to retrieve the key stored in the TPM's NVram and supply that to the LUKS encrypted partition. I'm using systemd-boot, I tried to…

linux luks

asked Mar 01 '22 at 04:36

T08

votes

1 answer

Unlocking multiple LUKS-encrypted volumes with a single password at boot (Gentoo, encrypted ZFS root, genkernel initramfs)

With this post I am sharing a solution with the community. I have a Gentoo system installed on a ZFS pool consisting of multiple encrypted devices. It is normally decrypted at boot as described in this post. In the file /etc/default/grub I add to…

encryption gentoo zfs luks initramfs

asked Feb 16 '22 at 23:29

D-FENS

1,438
8
21

votes

0 answers

How Can I Create a Bash Script For Menu Based LUKS Encryption?

I am writing a Bash script to make LUKS encryption user friendly and to make the process faster while still allowing control of the arguments. My current code: #!/usr/bin/env bash ## Ask user for device. echo "Device:" read device ## Ask user for…

bash variables encryption luks

asked Sep 30 '21 at 21:28

user16448786

votes

1 answer

SELinux and cryptsetup: chown failed and can't access temporary keystore

I am trying to set up SELinux and an encrypted additional partition that I mount at startup using a systemd service. If I run SELinux in permissive mode, everything runs ok (partition is correctly mounted, data can be accessed and service runs…

encryption selinux luks

asked Jun 28 '21 at 12:33

EagleOne

votes

1 answer

LINUX: Failed to pkg-config on libcryptsetup

Can someone help me with this error: pkg-config --cflags -- libcryptsetup Package libcryptsetup was not found in the pkg-config search path. Perhaps you should add the directory containing `libcryptsetup.pc' to the PKG_CONFIG_PATH environment…

linux pkg-config luks

asked Nov 06 '20 at 04:25

James Sapam

16,036
12
50
73

votes

1 answer

On LUKS-Dropbear-Arch-Raspberry Pi-System appears error: Can't open '/.cryptdev': No such file or directory

I wrote a script to configure and transform images to an sd card to use them on an Raspberry Pi. In line 418 of this script you will find the following code: if [ "$encrypt_system" == "y" ] then # @see…

linux raspberry-pi arch luks dropbear

asked Sep 30 '20 at 15:26

kevinfrantz

votes

2 answers

How to programatically find the start and end bytes of LUKS header?

How can I programmatically determine the exact start byte and exact end byte of a LUKS header on a block storage device? I use Linux Unified Key Setup (LUKS) for Full Disk Encryption (FDE), so all of the data on my drive is encrypted using a strong…

json linux encryption luks

asked Mar 18 '20 at 06:46

Michael Altfield

2,083
23
39

votes

0 answers

Enabling systemd's libcryptsetup

I'm having the same issue then the post here. I ve created a file cryptsetup_%.bbappend. I ve tried each of the following lines : #PACKAGECONFIG[xz] = "--enable-xz,xz" #PACKAGECONFIG[cryptsetup] = "--enable-libcryptsetup,cryptsetup" #EXTRA_OECONF =…

linux yocto systemd openembedded luks

asked Jan 31 '20 at 15:02

lalunepierr0t

votes

1 answer

Parsing LUKS Headers to Read Integer Value Fields Correctly

I'm trying to parse a luks header by reading the raw data off a device with a luks volume installed to it, following the specification given here: https://gitlab.com/cryptsetup/cryptsetup/wikis/LUKS-standard/on-disk-format.pdf, specifically page 6…

c linux binary luks

asked Nov 24 '19 at 02:22

muke

votes

1 answer

Luks contents not visible/accessible - Manjaro Linux

just encrypted with Luks an USB pen drive using KDE partition manager on Manjaro. The operation went well and could mount the USB drive by entering the passphrase. As all permissions were set as root, I changed the ownership with my actual username…

manjaro luks

asked Nov 03 '19 at 11:40

lucsar

votes

0 answers

JSCH how to get server answer in shell, in order validate commands to unlock a luks partition remotelly

I did a java app to unlock a luks partition remotely. Actually I have a cryptsetup configuration running a dropbox ssh OK. And app works The application connect to SSH Server and: 1.- Run the "cryptroot-unlock" script. 2.- Answer the password to…

shell ssh jsch luks

asked Aug 07 '18 at 20:50

Rodrigo

votes

0 answers

How to add a btrfs raid 1 to an encrypted lvm2 volume group under Solus OS (Linux)?

What I have: Solus OS install with an encrypted LVM2 on a 56G SSD w/o swap - works pretty good. I have 32G RAM, so swap isn't an issue right now - it's my future main rig and it is mainly intended to being used as desktop for office, web, daw…

linux lvm btrfs luks

asked Mar 28 '18 at 20:03

Enrico Lefass

Prev 1 2

4 Next