Encrypted partition on an external hard disk in Ubuntu Linux

Here are short instructions on how to create and use an encrypted hard disk on Ubuntu Linux. These instructions were tested on Ubuntu 10.10 Maverick Meerkat.

We are going to use the following strategy:

  • Use the cryptoloop kernel module. This is 100% open source software and part of mainstream Linux (as opposed to TrueCrypt)
  • No additional software installations needed – stock Ubuntu is fine
  • These instructions also work on a server – no GUI needed
  • We will create an encrypted file on the target hard-drive partition. The target partition can even be NTFS, so the hard disk acts normally in Windows, though you still need Linux to read the encrypted files
  • The encrypted file system will be Ext4 and mounted through a loop device

1. Prerequisites

  • Ubuntu Linux
  • Basic terminal / command-line know-how

2. Creating an encrypted partition on an external drive

Plug the hard disk into Ubuntu Desktop – it will be automounted over USB.

Load the cryptoloop driver:

    sudo modprobe cryptoloop

Check what mount point the new disk has – in our case it is /media/Elements:

    ls /media
    cdrom  cdrom0  Elements

Check how much space the disk contains:

    df -h
    /dev/sdc1             932G   94M  932G   1% /media/Elements

Create a loopback file – don’t use the whole disk. In our case, allocate just 500 GB for the encrypted file system. Note that this may take time:

    dd if=/dev/zero bs=1G count=500 of=/media/Elements/encrypted-fs

Now mount this file as an encrypted loopback device. Note that you need to give separate passwords for sudo and for the encryption. We use SHA-1 encryption. Don’t use a password, use a passphrase. SHA-1 has a 160-bit key, and to produce enough entropy you need a Latin sentence of at least 27 case-sensitive alphanumeric characters. We do this using the losetup command:

    sudo losetup -e sha1 /dev/loop0 /media/Elements/encrypted-fs
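
An added example (not part of the original post) that checks the 27-character figure and generates a passphrase of that strength. 62 case-sensitive alphanumeric symbols give log2(62) ≈ 5.95 bits per character, but only when every character is drawn uniformly at random, which a natural-language sentence is not. The function names are this example's own.

```shell
#!/bin/sh
# Added example: passphrase sizing for the 160-bit target mentioned above.
# Function names and the 62-symbol alphabet are assumptions of this example.

# Smallest n with alphabet_size^n >= 2^bits, i.e. ceil(bits / log2(size)).
# Usage: min_passphrase_len BITS ALPHABET_SIZE
min_passphrase_len() {
    awk -v b="$1" -v a="$2" 'BEGIN {
        if (a < 2 || b < 1) exit 1
        n = b * log(2) / log(a)
        c = int(n)
        if (n - c > 1e-9) c++      # round up, tolerating float noise
        print c
    }'
}

# Entropy in whole bits (rounded down) of LEN uniformly random characters.
# Usage: entropy_bits LEN ALPHABET_SIZE
entropy_bits() {
    awk -v n="$1" -v a="$2" 'BEGIN {
        printf "%d\n", n * log(a) / log(2) + 1e-9
    }'
}

# Random passphrase of LEN characters over A-Z a-z 0-9 (62 symbols).
# tr drops every byte outside the set, so the kept characters stay uniform.
# Usage: gen_passphrase LEN
gen_passphrase() {
    LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c "$1"
    echo
}

# Print the required length for the target (default 160 bits) and one
# freshly generated passphrase of that length.
bits=${1:-160}
len=$(min_passphrase_len "$bits" 62)
echo "$bits-bit target: $len random alphanumeric characters"
gen_passphrase "$len"
```

Store the generated passphrase in a password manager; it is not meant to be memorised.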

Then format this encrypted partition as an ext4 file system:

    sudo mkfs.ext4 /dev/loop0

And now start using it:

    sudo mkdir /media/encrypted
    sudo mount /dev/loop0 /media/encrypted

3. Usage

Later, when you remount the encrypted partition, you can simply do:

    sudo losetup -e sha1 /dev/loop0 /media/Elements/encrypted-fs
    sudo mount /dev/loop0 /media/encrypted

After use, always cleanly unmount the encrypted partition before unplugging the external hard drive:

    sudo umount /media/encrypted
    sudo losetup -d /dev/loop0   # detach the loop device to release the backing file

4. More info


2 thoughts on “Encrypted partition on an external hard disk in Ubuntu Linux”

  1. How to encrypt an external hard drive partition which has to be OS platform independent?
    i.e. the encrypted partition should be able to be opened from any available operating system by providing a password.
    TrueCrypt is multi-platform so it should be able to do so.
    But in your post it is mentioned that “The target partition can be even NTFS, so the hard disk acts normally in Windows, though you still need Linux to read encrypted files”
