tags: linux, cryptsetup, luks, security date: 2018-03-31
cryptsetup isLuks <device>
Returns 0(zero), if <device> is a LUKS device, 1 otherwise. Use option -v to get human-readable feedback.
‘Command successful.’ means the device is a LUKS device.
dd bs=512 count=4 if=/dev/urandom of=/boot/sda3.key
cryptsetup -d /boot/sda3.key luksFormat /dev/sda3 cryptsetup -d sv0.jpg -l 4096 luksFormat /dev/sda4 --key-file, -d name Read the passphrase from file. If the name given is "-", then the passphrase will be read from stdin. In this case, reading will not stop at newline charac‐ ters. With LUKS, passphrases supplied via --key-file are always the existing passphrases requested by a command, except in the case of luksFormat where --key-file is equivalent to the positional key file argument. --keyfile-size, -l value Read a maximum of value bytes from the key file. The default is to read the whole file up to the compiled-in maximum that can be queried with --help. Supplying more data than the compiled-in maximum aborts the operation. This option is useful to cut trailing newlines, for example. If --keyfile-offset is also given, the size count starts after the offset. Works with all commands that accept key files. cryptsetup open --type luks -d sv0.jpg -l 4096 /dev/sda4 sda4_lvmcrypt
cryptsetup -d inna.jpg -l 1906 luksFormat /dev/sdb3 cryptsetup luksOpen -d inna.jpg -l 1906 /dev/sdb3 sdb3_luks mount /dev/mapper/sdb3_luks /mnt/home