The above command creates an encrypted partition.
Now we need to create a logical partition can be mounted, and give it a name. In this example, we give it a name to sda2, you can call it test, fred, my secret partition or any name you like: # cryptsetupluksOpen/dev/sda2sda2EnterLUKSpassprase: keyslot0unlocked.Commandsuccessful. the following command will display the hidden/dev/mapper path equipment: $ ls-l/dev/mappertotal0crw-rw----1rootroot10, 632007-06-0918: 38controlbrw-rw----1rootdisk254, 02007-06-0919: 46sda2 now the file system into logical partitions: # mkfs.ext3/dev/mapper/sda2 you need to do a mount point, so you can mount and use this new, encrypted partition. Remember, you must use the/dev/mapper/path. I will put it in the root directory. Pay attention to what need root permissions: $ mkdir/home/me/crypted # mount/dev/mapper/sda1/home/me/crypted that it is mounted, write a test file: # d-[...] FilesystemSizeUsedAvailUse% Mountedon/dev/mapper/sda27.9G152M7.3G3%/home/carla/crypted # cd/home/me/crypted # nanotest # lslost + foundtest make it available to your users so far so good! but there is a big problem: only a local can access the partition. We have to let ordinary users can use it. You can be in the/etc/fstab to manage the virtual partition, just like the other partition. To add a row,/etc/fstab to allow users without special permission to load or unload this partition:/dev/mapper/sda2/home/carla/cryptedext3user, atime, noauto, exec, rw, suid00 dev, so you can load this yourself Carla partitions: $ mount ~/crypted but still unable to Carla writes data. So we again need to set up local privilege, the correct permissions and licensor, as has already been loaded, hidden devices: # chowncarla: carla/home/carla/crypted/# chmod0700/home/carla/crypted/okay, then, a lot of people justbest product for hair loss like you would Carlas! but we need to let Carla read and write some encrypted folder, and let other people cannot read and write to these folders. You can uninstall and turn off the encrypted partition manually: $ umountcrypted # cryptsetupluksClosesda2 open encryption device, you will need to enter LUKS passphrase. Remember, if you lost your password, you will be ruined. You can delete the partition again, but the data is unrecoverable. Open encrypted device and loads, you can use it like any other partition. You have to run with local cryptsetup. The user may not be very convenient. We also have a lot to tackle this problem solution. One is to use sudo; Ubuntu users have ready-to-full-featured sudo. Another method is to put it up as the system starts up and shuts down the system when closed. Or you might want to create a desktop icon, so that the user may press need to start and close it.
No comments:
Post a Comment