Our Computer Notes
 
Search this site

Recent site activity
Security‎ > ‎

How to encrypt an USB drive in Ubuntu

If you want to encrypt your pendrive in ubuntu, just follow the next steps:

1) (Optional) Create a new partition table. Only if you want to create more than one partition in you usb drive. e.g: I created 2 partitions in my pendrive, one that i called 'public' (not encrypted, FAT format) and other 'private' (encrypted, ext3 format).

2) Install the pré-requisites:

    $ sudo apt-get install cryptsetup

3) Umount your usb device

    $ sudo umount /media/devicename

4) Load the module:

    $ sudo modprobe dm-crypt

5) Create the encrypted partition

    $ sudo cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb1

    WARNING!
    ========
    This will overwrite data on /dev/sdb1 irrevocably.

    Are you sure? (Type uppercase yes): YES
    Enter LUKS passphrase:
    Verify passphrase:
    Command successful.

6) Open the encrypted partition

    $ sudo cryptsetup luksOpen /dev/sdb1 sdb1

    Enter LUKS passphrase:
    key slot 0 unlocked.
    Command successful.

7) Create the filesystem

    $ sudo mkfs.ext3 -L KINGSTON-ENCRYPTED /dev/mapper/sdb1

    mke2fs 1.40.8 (13-Mar-2008)
    Filesystem label=KINGSTON-ENCRYPT
    OS type: Linux
    Block size=4096 (log=2)
    Fragment size=4096 (log=2)
    356224 inodes, 1419615 blocks
    70980 blocks (5.00%) reserved for the super user
    First data block=0
    Maximum filesystem blocks=1455423488
    44 block groups
    32768 blocks per group, 32768 fragments per group
    8096 inodes per group
    Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912, 819200, 884736

    Writing inode tables: done
    Creating journal (32768 blocks): done
    Writing superblocks and filesystem accounting information: done
    
    This filesystem will be automatically checked every 21 mounts or
    180 days, whichever comes first.  Use tune2fs -c or -i to override.

8) Close the encrypted partition

    $ sudo cryptsetup luksClose sdb1

9) Now, every time you attach your usb drive, the following window will appear to you automatically:



ps: You can also use these steps to encrypt hard drives.

Comments (2)

Marcelo Carlomagno Carlos - Jun 23, 2008 3:19 PM

Important: the encryped partition will only works in linux while the 'public' partition we be available in every O.S. !

Marcelo Carlomagno Carlos - Sep 10, 2008 12:32 PM

Whan using it with Hard Drive Partitions and you want to load it at boot, edit file /etc/fstab and add the line:

/dev/mapper/sda6 /private ext3 defaults 0 0