The dm-crypt tool is as an encryption layer for the device-mapper used by all major Linux distributions to encrypt a storage volumes. I’m going to describe here how to use it for encryption of e.g. USB-sticks or any other removable media used quite often to transfer or backup data.
LUKS
LUKS (Linux Unified Key Setup) does not provide any encryption. It’s a tool creating and managing a partition header containing all information required by encryption/decryption tools. A big advantage of using LUKS is a fact that it does not use directly the passphrase provided by user to encrypt the whole partition. The user’s passphrase is used to encrypt a master key, so we can easily add another passphrase for a different user (up to 8 at the same time) or remove a possibly compromised one.
Continue reading…
© 2012 Martin Podolinský. All Rights Reserved.