Create encrypted file vault on Linux
2023-06-20
This article describes how to create a secure vault in a single file under Linux. It is protected by Linux Unified Key Setup (LUKS) disk encryption specification, in current particular case LUKS2 used.
Creating password protected LUKS2 vault
Create 512 MB file for vault
dd if=/dev/urandom of=vault.img bs=1M count=512Create empty volume inside vault file
cryptsetup --verify-passphrase luksFormat --type luks2 vault.imgOpen vault and make sure that it was successfully opened (file myvault should be present in /dev/mapper)
sudo cryptsetup open --type luks2 vault.img myvault
ls /dev/mapperCreate a filesystem
sudo mkfs.ext4 -L myvault /dev/mapper/myvaultClose vault if you don't need it right now
sudo cryptsetup close myvaultCreating vault mount point
Create a mount point for your vault. You can place it wherever and name it whatever, you can even skip this step if you want to use /mnt.
mkdir ~/myvaultUsing vault
Open up and mount vault
sudo cryptsetup open --type luks2 vault.img myvault
sudo mount /dev/mapper/myvault ~/myvaultDo your secret stuff :)
touch ~/myvault/my-super-secret-fileUnmount and close vault
sudo umount ~/myvault
sudo cryptsetup close myvaultLinks
- LUKS Wiki - https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup
- cryptsetup manpage - https://man7.org/linux/man-pages/man8/cryptsetup.8.html