Encryption, LUKS

Create an encrypted file container in Linux


sudo apt-get install cryptsetup

Create an empty file with the size of your container (e.g. 100MB)

fallocate -l 100M mycontainer.img


dd if=/dev/urandom of=mycontainer.img bs=1M count=100

Using a keyfile

dd if=/dev/urandom of=mykey.key bs=1024 count=1

Encrypting disk image file

sudo cryptsetup -y luksFormat mycontainer.img


sudo cryptsetup luksFormat -d mykey.key mycontainer.img

Unlock/Open LUKS encrypted container

  • creates a device file with the name /dev/mapper/myVolume
sudo cryptsetup luksOpen mycontainer.img myVolume


sudo cryptsetup luksOpen mycontainer.img -d mykey.key myVolume

Create an ext4 filesystem on the decrypted LUKS container

sudo mkfs.ext4 /dev/mapper/myVolume

Mount the device

mkdir ~/myPrivData
sudo mount /dev/mapper/myVolume ~/myPrivData
sudo chown -R $USER ~/myPrivData

Unmount/close decrypted LUKS container

sudo umount ~/myPrivData && sudo cryptsetup luksClose myVolume && rm -r ~/myPrivData

Quickly Access Container

sudo cryptsetup luksOpen mycontainer.img myVolume && mkdir ~/myPrivData && sudo mount /dev/mapper/myVolume ~/myPrivData


sudo cryptsetup luksOpen mycontainer2.img -d mykey.key myVolume && mkdir ~/myPrivData && sudo mount /dev/mapper/myVolume ~/myPrivData