tags: linux, cryptsetup, luks, security date: 2018-03-31
cryptsetup isLuks <device>
Returns 0(zero), if <device> is a LUKS device, 1 otherwise.
Use option -v to get human-readable feedback.
‘Command successful.’ means the device is a LUKS device.
dd bs=1024 count=2 if=/dev/urandom of=/boot/sda3.key
cryptsetup --key-file /boot/sda3.key luksFormat /dev/sda3
Read the passphrase from the file given after -key-file option.
If the filename given is “-”, then the passphrase will be read from stdin.
cryptsetup --key-file somefile.jpg --keyfile-size 4096 luksFormat /dev/sda4
–keyfile-size, -l value
Read a maximum of value bytes from the key file. The default is to read the whole file up to the compiled-in maximum.
If –keyfile-offset is also given, the size count starts after the offset. Works with all commands that accept key files.
cryptsetup open --type luks -d sv0.jpg -l 4096 /dev/sda4 sda4_lvmcrypt
cryptsetup -d inna.jpg -l 1906 luksFormat /dev/sdb3
cryptsetup luksOpen -d inna.jpg -l 1906 /dev/sdb3 sdb3_luks
mount /dev/mapper/sdb3_luks /mnt/home