36 lines
No EOL
973 B
Text
36 lines
No EOL
973 B
Text
Notes...
|
|
|
|
```
|
|
# dd if=/dev/zero of=/var.img bs=1M count=36000
|
|
# losetup /dev/loop0 /var.img
|
|
# cryptsetup luksFormat --hash sha256 --key-size=512 /dev/loop0
|
|
# cryptsetup luksOpen /dev/loop0 crypted-var
|
|
# mkfs.ext4 -LVAR /dev/mapper/crypted-var
|
|
# mount /dev/mapper/crypted-var /mnt/
|
|
# ### stop your service using /var, rsyslog, etc.
|
|
# rsync -avh --progress /var/ /mnt/
|
|
# umount /mnt
|
|
# echo "crypted-var /var.img none luks" >> /etc/crypttab
|
|
# echo "/dev/mapper/crypted-var /var ext4 defaults 0 2" >> /etc/fstab
|
|
# reboot
|
|
# go to scaleway console, and type your passphrase!
|
|
```
|
|
|
|
Enjoy you crypted `/var` volume!
|
|
|
|
```
|
|
root@machine:~# cryptsetup luksDump /var.img
|
|
LUKS header information for /var.img
|
|
|
|
Version: 1
|
|
Cipher name: aes
|
|
Cipher mode: xts-plain64
|
|
Hash spec: sha256
|
|
Payload offset: 4096
|
|
MK bits: 512
|
|
[…]
|
|
|
|
root@machine:~# df -h /var
|
|
Filesystem Size Used Avail Use% Mounted on
|
|
/dev/mapper/crypted-var 35G 861M 32G 3% /var
|
|
``` |