1、首先我们安装分区工具
[[email protected] ~]# yum -y install cryptsetup#yum安装加密工具
2、其次我们在虚拟机上添加一个分区
[[email protected] ~]# fdisk /dev/sdd#步骤就不详解了 [[email protected] ~]# partprobe /dev/sdd#获取分区表 [[email protected] ~]# cryptsetup luksFormat /dev/sdd1#设置密码Format F必须大写 WARNING! ======== This will overwrite data on /dev/sdd1 irrevocably. Are you sure? (Type uppercase yes): YES#必须为大写YES Enter LUKS passphrase: #密码 Verify passphrase:#再次验证密码
3、映射分区这样做事为了安全类似于昨天的软连接
[[email protected] ~]# cryptsetup luksOpen /dev/sdd1 my_disk#Open O必须大写 Enter passphrase for /dev/sdd1:#密码
4、查看加密磁盘映射分区
[[email protected] ~]# ll /dev/mapper/#存放位置 total 0 crw-rw---- 1 root root 10, 58 Jul 27 01:01 control lrwxrwxrwx 1 root root 7 Jul 27 01:20 my_disk -> ../dm-0 #注:my_disk 指向/dm-0
5、格式化映射分区
[[email protected] ~]# mkfs.ext4 /dev/mapper/my_disk
6、创建挂载点并挂在分区
[[email protected] ~]# mkdir mapper_mount#创建挂载点 [[email protected] ~]# mount /dev/mapper/my_disk mapper_mount/#挂载
7、查看挂载状况
[[email protected] ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/sda2 9.9G 1.4G 8.0G 15% / tmpfs 479M 0 479M 0% /dev/shm /dev/sda1 194M 27M 158M 15% /boot /dev/sr0 3.6G 3.6G 0 100% /mnt /dev/mapper/my_disk 20G 172M 19G 1% /root/mapper_mount
8、关闭加密分区
[[email protected] ~]# umount /root/mapper_mount/#首先卸载 [[email protected] ~]# cryptsetup luksClose /dev/mapper/my_disk #关闭加密分区 luksClose C大写 [[email protected] ~]# mount /dev/sdd1 mapper_mount/#再次挂载发现失败 mount: unknown filesystem type 'crypto_LUKS #如果需要使用该磁盘则需要先打开磁盘及luksOpen命令然后载挂载
本文转载自:http://www.linuxprobe.com/linux-disk-encryption.html
免费提供最新Linux技术教程书籍,为开源技术爱好者努力做得更多更好:http://www.linuxprobe.com