LUKS Tools

  1. Check the disk in use: it is /dev/sda. The / root directory is currently mounted on /dev/sda3; the plan is to LUKS-encrypt /dev/sda2 and mount it as the / root directory.
    [root@localhost ~]# lsblk 
    NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
    sda      8:0    0 18.4G  0 disk 
    ├─sda1   8:1    0  400M  0 part /boot
    ├─sda2   8:2    0   10G  0 part 
    ├─sda3   8:3    0    4G  0 part /
    ├─sda4   8:4    0    1K  0 part 
    └─sda5   8:5    0  500M  0 part [SWAP]
    
  2. Query which package provides the LUKS tool command: it is cryptsetup.
    [root@localhost ~]# yum provides *bin/cryptsetup
    Loaded plugins: fastestmirror, langpacks
    base                                                     | 3.6 kB     00:00     
    extras                                                   | 3.4 kB     00:00     
    updates                                                  | 3.4 kB     00:00     
    (1/4): base/7/x86_64/group_gz                              | 156 kB   00:00     
    (2/4): extras/7/x86_64/primary_db                          | 145 kB   00:00     
    (3/4): updates/7/x86_64/primary_db                         | 4.6 MB   00:05     
    (4/4): base/7/x86_64/primary_db                            | 5.7 MB   00:05     
    Determining fastest mirrors
     * base: ftp.twaren.net
     * extras: ftp.twaren.net
     * updates: ftp.twaren.net
    base/7/x86_64/filelists_db                               | 6.7 MB     00:03     
    cryptsetup-1.7.4-3.el7.x86_64 : A utility for setting up encrypted disks
    Repo        : base
    Matched from:
    Filename    : /usr/sbin/cryptsetup
    
  3. Install the cryptsetup package.
    [root@localhost ~]# yum install -y cryptsetup
    
  4. To strengthen the partition's encryption, it is best to fill the entire partition with random data before formatting. The method below is faster but provides weaker randomness.
    [root@localhost ~]# badblocks -c 10240 -s -w -t random -v /dev/sda2
    Checking for bad blocks in read-write mode
    From block 0 to 10485759
    Testing with random pattern: done                                                 
    Reading and comparing: done                                                 
    Pass completed, 0 bad blocks found. (0/0/0 errors)
    
  5. Use cryptsetup to LUKS-format /dev/sda2. During the process, first answer with an uppercase YES, then enter the passphrase twice. The passphrase must be more than 7 characters long and must not be a dictionary word.
    [root@localhost ~]# cryptsetup luksFormat /dev/sda2
    
    WARNING!
    ========
    This will overwrite data on /dev/sda2 irrevocably.
    
    Are you sure? (Type uppercase yes): YES
    Enter passphrase: 
    Verify passphrase: 
    Password quality check failed:
     The password is shorter than 7 characters
    [root@localhost ~]# cryptsetup luksFormat /dev/sda2
    
    WARNING!
    ========
    This will overwrite data on /dev/sda2 irrevocably.
    
    Are you sure? (Type uppercase yes): YES
    Enter passphrase: 
    Verify passphrase: 
    Password quality check failed:
     The password fails the dictionary check - it is based on a dictionary word
    [root@localhost ~]# cryptsetup luksFormat /dev/sda2
    
    WARNING!
    ========
    This will overwrite data on /dev/sda2 irrevocably.
    
    Are you sure? (Type uppercase yes): YES
    Enter passphrase: 
    Verify passphrase: 
    Password quality check failed:
     The password fails the dictionary check - it is based on a dictionary word
    
  6. The LUKS format of the /dev/sda2 partition succeeds.
    [root@localhost ~]# cryptsetup luksFormat /dev/sda2
    
    WARNING!
    ========
    This will overwrite data on /dev/sda2 irrevocably.
    
    Are you sure? (Type uppercase yes): YES
    Enter passphrase: ekC82B7XAmv3 
    Verify passphrase: ekC82B7XAmv3
    
  7. Confirm whether /dev/sda2 is in LUKS format: no error message means it is.
    [root@localhost ~]# cryptsetup isLuks /dev/sda2
    [root@localhost ~]# cryptsetup isLuks /dev/sda2 && echo Success
    Success
    
  8. Use luksDump to view the encryption details of /dev/sda2.
    [root@localhost ~]# cryptsetup luksDump /dev/sda2
    LUKS header information for /dev/sda2
    
    Version:		1
    Cipher name:	aes
    Cipher mode:	xts-plain64
    Hash spec:		sha256
    Payload offset:	4096
    MK bits:		256
    MK digest:		75 b9 1e 6c fc 72 6a c0 2a 67 6a db fa df 33 7f 65 a7 c5 3b 
    MK salt:		d8 65 2c b2 f8 43 af f6 30 0b ca 49 01 bf 1c c7 
    				cd 62 7e 60 09 78 c8 5f 4f dc 5b f0 67 89 33 15 
    MK iterations:	89250
    UUID:			b22f30aa-72d7-4523-aa21-dc516da53fc8
    
    Key Slot 0: ENABLED
    	Iterations:				703294
    	Salt:					50 b4 74 b0 1f 07 e0 e5 11 56 ae a7 2c bd 64 a0 
    							ef c6 e6 53 5c 73 5a 57 41 8f e4 38 69 99 2e 25 
    	Key material offset:	8
    	AF stripes:				4000
    Key Slot 1: DISABLED
    Key Slot 2: DISABLED
    Key Slot 3: DISABLED
    Key Slot 4: DISABLED
    Key Slot 5: DISABLED
    Key Slot 6: DISABLED
    Key Slot 7: DISABLED
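  Added example (not part of the original page): a POSIX shell script that automates two checks a practitioner would want around the procedure above: before step 5, that the target partition has no mountpoint (so luksFormat cannot be pointed at the live root from step 1), and after step 8, that the luksDump header matches an expected policy. The policy values (AES, xts-plain64, sha256, a master key of at least 256 bits, at least one enabled key slot) are assumptions chosen for the example; the sample inputs are constructed from the outputs shown in steps 1 and 8 (with the digest and salt lines omitted). On a real system you would feed the functions the output of `lsblk -nr -o NAME,MOUNTPOINT` and `cryptsetup luksDump /dev/sda2` instead of the embedded samples.

```shell
#!/bin/sh
# Added example: pre-flight and post-format checks for a LUKS1 setup.
# Not the page author's code; it only consumes text that `lsblk` and
# `cryptsetup luksDump` already print.

# Constructed sample: `lsblk -nr -o NAME,MOUNTPOINT` for the layout shown in step 1.
SAMPLE_LSBLK='sda
sda1 /boot
sda2
sda3 /
sda4
sda5 [SWAP]'

# Constructed sample: the luksDump output from step 8 (digest/salt lines omitted).
SAMPLE_DUMP='LUKS header information for /dev/sda2

Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
Hash spec:      sha256
Payload offset: 4096
MK bits:        256
MK iterations:  89250
UUID:           b22f30aa-72d7-4523-aa21-dc516da53fc8

Key Slot 0: ENABLED
        Iterations:             703294
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED'

# target_is_unmounted NAME LSBLK_OUT
# Returns 0 only if NAME appears in the lsblk output and has no mountpoint.
target_is_unmounted() {
    printf '%s\n' "$2" | awk -v name="$1" '
        $1 == name { found = 1; if (NF >= 2) mounted = 1 }
        END { exit (found && !mounted) ? 0 : 1 }'
}

# luks_field DUMP FIELD
# Prints the value after "FIELD:" in a luksDump, with surrounding whitespace stripped.
luks_field() {
    printf '%s\n' "$1" | awk -v key="$2" -F: '
        $1 == key { v = $2; sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v); print v; exit }'
}

# luks_enabled_slots DUMP
# Prints how many of the eight LUKS1 key slots are marked ENABLED.
luks_enabled_slots() {
    printf '%s\n' "$1" | awk '/^Key Slot [0-7]: ENABLED/ { n++ } END { print n + 0 }'
}

# luks_header_check DUMP
# Returns 0 if the header meets the (assumed) policy, 1 with a reason on stdout otherwise.
luks_header_check() {
    _dump="$1"
    [ "$(luks_field "$_dump" 'Cipher name')" = aes ] || { echo "cipher is not aes"; return 1; }
    [ "$(luks_field "$_dump" 'Cipher mode')" = xts-plain64 ] || { echo "mode is not xts-plain64"; return 1; }
    [ "$(luks_field "$_dump" 'Hash spec')" = sha256 ] || { echo "hash is not sha256"; return 1; }
    [ "$(luks_field "$_dump" 'MK bits')" -ge 256 ] || { echo "master key shorter than 256 bits"; return 1; }
    [ "$(luks_enabled_slots "$_dump")" -ge 1 ] || { echo "no enabled key slot"; return 1; }
    return 0
}

# Stand-alone usage against the embedded samples. On a live system, replace them with
#   lsblk -nr -o NAME,MOUNTPOINT          and          cryptsetup luksDump /dev/sda2
if target_is_unmounted sda2 "$SAMPLE_LSBLK"; then
    echo "sda2 has no mountpoint: safe target for luksFormat"
else
    echo "sda2 is mounted or missing: do not format it"
fi
if luks_header_check "$SAMPLE_DUMP"; then
    echo "header OK: $(luks_enabled_slots "$SAMPLE_DUMP") key slot(s) enabled"
fi
```

  The mountpoint check guards the irreversible step: luksFormat overwrites whatever device it is given, and the lsblk listing in step 1 is the only thing that distinguishes the empty /dev/sda2 from the live root on /dev/sda3. The header check gives the same answer as reading the luksDump by eye in step 8, but can be run after every format and kept in a build or audit script.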
    



De-Yu Wang 2020-05-14