mirror of
https://github.com/tldr-pages/tldr.git
synced 2024-10-28 11:19:46 +01:00
cryptsetup: update page; cryptsetup-{open,luksformat}: add page (#14153)
This commit is contained in:
parent
a539317252
commit
5802774ae0
3 changed files with 57 additions and 9 deletions
17
pages/linux/cryptsetup-luksformat.md
Normal file
17
pages/linux/cryptsetup-luksformat.md
Normal file
|
@ -0,0 +1,17 @@
|
|||
# cryptsetup luksFormat
|
||||
|
||||
> Initialize a LUKS partition and the initial key slot (0) with a passphrase or keyfile.
|
||||
> Note: this operation overwrites all data on the partition.
|
||||
> More information: <https://manned.org/cryptsetup-luksFormat>.
|
||||
|
||||
- Initialize a LUKS volume with a passphrase:
|
||||
|
||||
`cryptsetup luksFormat {{/dev/sdXY}}`
|
||||
|
||||
- Initialize a LUKS volume with a keyfile:
|
||||
|
||||
`crypsetup luksFormat {{/dev/sdXY}} {{path/to/keyfile}}`
|
||||
|
||||
- Initialize a LUKS volume with a passphrase and set its label:
|
||||
|
||||
`cryptsetup luksFormat --label {{label}} {{/dev/sdXY}}`
|
26
pages/linux/cryptsetup-open.md
Normal file
26
pages/linux/cryptsetup-open.md
Normal file
|
@ -0,0 +1,26 @@
|
|||
# cryptsetup open
|
||||
|
||||
> Create a decrypted mapping of an encrypted volume.
|
||||
> Note: with TRIM enabled, minimal data leakage in form of freed block information, perhaps sufficient to determine the filesystem in use may occur.
|
||||
> However, you still most likely want to enable it, because the data inside is still safe and SSDs without TRIM will wear out faster.
|
||||
> More information: <https://manned.org/cryptsetup-open>.
|
||||
|
||||
- Open a LUKS volume and create a decrypted mapping at `/dev/mapper/mapping_name`:
|
||||
|
||||
`cryptsetup open {{/dev/sdXY}} {{mapping_name}}`
|
||||
|
||||
- Use a keyfile instead of a passphrase:
|
||||
|
||||
`cryptsetup open --key-file {{path/to/file}} {{/dev/sdXY}} {{mapping_name}}`
|
||||
|
||||
- Allow the use of TRIM on the device:
|
||||
|
||||
`cryptsetup open --allow-discards {{/dev/sdXY}} {{mapping_name}}`
|
||||
|
||||
- Write the `--allow-discards` option into the LUKS header (the option will then always be used when you open the device):
|
||||
|
||||
`cryptsetup open --allow-discards --persistent {{/dev/sdXY}} {{mapping_name}}`
|
||||
|
||||
- Open a LUKS volume and make the decrypted mapping read-only:
|
||||
|
||||
`cryptsetup open --readonly {{/dev/sdXY}} {{mapping_name}}`
|
|
@ -1,20 +1,25 @@
|
|||
# cryptsetup
|
||||
|
||||
> Manage plain dm-crypt and LUKS (Linux Unified Key Setup) encrypted volumes.
|
||||
> More information: <https://gitlab.com/cryptsetup/cryptsetup/>.
|
||||
> Manage plain `dm-crypt` and LUKS (Linux Unified Key Setup) encrypted volumes.
|
||||
> Some subcommands such as `luksFormat` have their own usage documentation.
|
||||
> More information: <https://manned.org/cryptsetup>.
|
||||
|
||||
- Initialize a LUKS volume (overwrites all data on the partition):
|
||||
- Initialize a LUKS volume with a passphrase (overwrites all data on the partition):
|
||||
|
||||
`cryptsetup luksFormat {{/dev/sda1}}`
|
||||
`cryptsetup luksFormat {{/dev/sdXY}}`
|
||||
|
||||
- Open a LUKS volume and create a decrypted mapping at `/dev/mapper/target`:
|
||||
- Open a LUKS volume and create a decrypted mapping at `/dev/mapper/mapping_name`:
|
||||
|
||||
`cryptsetup luksOpen {{/dev/sda1}} {{target}}`
|
||||
`cryptsetup open {{/dev/sdXY}} {{mapping_name}}`
|
||||
|
||||
- Display information about a mapping:
|
||||
|
||||
`cryptsetup status {{mapping_name}}`
|
||||
|
||||
- Remove an existing mapping:
|
||||
|
||||
`cryptsetup luksClose {{target}}`
|
||||
`cryptsetup close {{mapping_name}}`
|
||||
|
||||
- Change the LUKS volume's passphrase:
|
||||
- Change a LUKS volume's passphrase:
|
||||
|
||||
`cryptsetup luksChangeKey {{/dev/sda1}}`
|
||||
`cryptsetup luksChangeKey {{/dev/sdXY}}`
|
||||
|
|
Loading…
Reference in a new issue