To create encrypted disks we are using cryptsetup
#apt-get install cryptsetup
Backup your data and optionally clean it:
#shred -n1 -v /dev/sdaX
Initializes a LUKS partition (warning!):
#cryptsetup luksFormat /dev/sdaX
Type “YES”. It will ask for a password for filesystem. Use a secure password, otherwise encryption wont help you.
There is other options for securing. Check the cryptsetup manual for details.
Open and sets up a mapping for LUKS partition:
#cryptsetup luksOpen /dev/sdaX your_map_name
Format the LUKS partition using the mapping:
#mkfs.ext3 /dev/mapper/your_map_name
Now you can mount it:
#mount /dev/mapper/your_map_name /mnt/your_mount_name
Optionally you can umount and (removes mapping) lock the LUKS again:
#umount /mnt/your_mount_name#cryptsetup luksClose your_map_name
I have tested this in Debian 6.0.0.
You may need to load module (optionally you may add in /etc/modules):
modprobe dm_mod
Edit /etc/crypttab
# <target name=””> <source device=””> <key file=””> <options>
your_map_name /dev/sdaX none luks
Edit /etc/fstab
# <file system=””> <mount point=””>nbsp; <type> <options> <dump> <pass>/dev/mapper/your_map_name /mnt/your_mount_name ext3 user,auto 0 0
You can reboot. It will ask for the password while booting.
source:
http://www.debian-administration.org/article/Encrypting_an_existing_Debian_lenny_installation
http://www.enterprisenetworkingplanet.com/netsecur/article.php/3683011/Protect-Your-Stuff-With-Encrypted-Linux-Partitions.htm
http://www.linuxconfig.org/Partition_Encryption