To set up an encrypted file on Linux that can be mounted and accessed like a hard drive, you can use LUKS (Linux Unified Key Setup) to create an encrypted container within a file, format it with a filesystem, and then mount it. This effectively creates a virtual encrypted disk that behaves like a regular storage device.
Here's a step-by-step guide:
1. Create an Empty File:
- First, create an empty file with a desired size. This file will act as the container for your encrypted volume.
- Use the fallocate command to create a sparse file (a file that only takes up space on disk as it's written to):
Code
fallocate -l 10G encrypted_volume.img
This command creates a file named encrypted_volume.img with a size of 10 Gigabytes.
2. Initialize the LUKS Container:
- Use cryptsetup luksFormat to initialize the LUKS container within the file:
Code
cryptsetup luksFormat encrypted_volume.img
You will be prompted to enter a strong passphrase, which is essential for accessing the encrypted data.
3. Open the LUKS Container:
- Open the LUKS container to create a device mapper entry (a virtual device):
Code
cryptsetup luksOpen encrypted_volume.img encrypted_volume
Replace encrypted_volume.img with the actual filename and encrypted_volume with your desired name for the device mapper entry. You'll be prompted for the passphrase you set in the previous step.
4. Create a Filesystem:
- Now, create a filesystem (e.g., ext4) on the opened LUKS device:
Code
mkfs.ext4 /dev/mapper/encrypted_volume
Replace /dev/mapper/encrypted_volume with the actual device mapper path.
5. Create a Mount Point:
- Create a directory where you will mount the encrypted volume:
Code
mkdir /mnt/encrypted_volume
You can choose any suitable mount point.
6. Mount the Filesystem:
- Mount the filesystem from the opened LUKS device on the mount point:
Code
mount /dev/mapper/encrypted_volume /mnt/encrypted_volume
Now you can access the encrypted volume like a regular directory.
7. Accessing the Encrypted Volume:
- To access your encrypted volume, you'll need to open the LUKS container and mount it each time:
Code
cryptsetup luksOpen encrypted_volume.img encrypted_volume
mount /dev/mapper/encrypted_volume /mnt/encrypted_volume
- After you're finished using the encrypted volume, unmount it and close the LUKS container:
Code
umount /mnt/encrypted_volume
cryptsetup luksClose encrypted_volume
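The steps above as one wrapper script, added here as an example and not part of the original guide. It refuses to run luksFormat over an existing file (which would destroy the container header) and checks for the LUKS header magic before opening. The function names are hypothetical, the file, mapper and mount names are the guide's, and the cryptsetup and mount steps must run as root.

```shell
#!/bin/sh
# Added example: guarded create/open/close for the file-backed LUKS volume.
# Function names are hypothetical; default names are the ones used in the guide.
IMG="${IMG:-encrypted_volume.img}"
NAME="${NAME:-encrypted_volume}"
MNT="${MNT:-/mnt/encrypted_volume}"

# True if the file starts with the LUKS header magic: "LUKS" 0xBA 0xBE.
has_luks_header() {
    [ -f "$1" ] || return 1
    [ "$(head -c 6 "$1" | od -An -tx1 | tr -d ' \n')" = "4c554b53babe" ]
}

# Steps 1-4, refusing to touch a file that already exists.
create_volume() {  # usage: create_volume SIZE
    if [ -e "$IMG" ]; then
        echo "refusing to overwrite existing $IMG" >&2
        return 1
    fi
    fallocate -l "$1" "$IMG" &&
    cryptsetup luksFormat "$IMG" &&
    cryptsetup luksOpen "$IMG" "$NAME" &&
    mkfs.ext4 "/dev/mapper/$NAME" &&
    cryptsetup luksClose "$NAME"
}

# Steps 5-7: open and mount, skipping whatever is already done.
open_volume() {
    has_luks_header "$IMG" || { echo "$IMG is not a LUKS container" >&2; return 1; }
    [ -e "/dev/mapper/$NAME" ] || cryptsetup luksOpen "$IMG" "$NAME" || return 1
    mkdir -p "$MNT" || return 1
    mountpoint -q "$MNT" || mount "/dev/mapper/$NAME" "$MNT"
}

# Unmount first, then drop the mapping so the key leaves kernel memory.
close_volume() {
    if mountpoint -q "$MNT"; then umount "$MNT" || return 1; fi
    [ ! -e "/dev/mapper/$NAME" ] || cryptsetup luksClose "$NAME"
}

# Dispatch only when called with an argument: create [SIZE] | open | close
if [ "$#" -gt 0 ]; then
    case "$1" in
        create) create_volume "${2:-10G}" ;;
        open)   open_volume ;;
        close)  close_volume ;;
        *) echo "usage: $0 {create [SIZE]|open|close}" >&2; exit 2 ;;
    esac
fi
```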
Key Considerations:
- Security: Use a strong passphrase and consider storing it securely, as losing it means losing access to your data.
- Performance: Encryption can introduce a slight performance overhead, but it's generally negligible for most uses.
- Backups: Always back up your data, especially if it's sensitive, as encryption doesn't protect against data loss due to hardware failure.
- Alternatives: While LUKS is a popular choice, other tools like VeraCrypt can also be used for creating encrypted containers.