How to encrypt entire linux sda? [closed]

Question

Closed. This question is off-topic. It is not currently accepting answers.

Questions seeking product, service, or learning material recommendations are off-topic because they become outdated quickly and attract opinion-based answers. Instead, describe your situation and the specific problem you're trying to solve. Share your research. Here are a few suggestions on how to properly ask this type of question.

Closed 5 years ago.

Improve this question

I know a little bit about encrypting partition with "cryptsetup", but it cannot encrypt live drive like /dev/sda1 for "/" or root partition ...

is there any tutorial out there for encrypting entire linux hard drive and ask/prompt for password message when booting ?

root@DATO-SERVER:/usr/local/src/.cache# lsblk -i -o NAME,TYPE,MOUNTPOINT
NAME   TYPE MOUNTPOINT
sda    disk
|-sda1 part /data/works
`-sda2 part /data/life
sdb    disk
`-sdb1 part /data/backups
sdc    disk
|-sdc1 part /boot
`-sdc2 part /data/sdcard
sdd    disk
|-sdd1 part /
|-sdd2 part /data/osx
|-sdd3 part /home
`-sdd4 part [SWAP]

What has your research shown?
– Moab
Commented Jan 23, 2019 at 14:31 — Moab, Commented Jan 23, 2019 at 14:31

grawity_u1686 · Accepted Answer · 2019-01-23 14:40:33Z

is there any tutorial out there for encrypting entire linux hard drive and ask/prompt for password message when booting ?

Note that configuring a password prompt on boot for / depends on the distribution. That is, Ubuntu has one method and its own instructions, Arch Linux has another, Gentoo has yet another. It also depends on your bootloader and firmware – for example, GRUB can decrypt a LUKS-encrypted / entirely on its own, but Syslinux cannot and would require a /boot partition.

Search keywords: "<distro name> encrypted root"
Ubuntu: https://help.ubuntu.com/community/ManualFullSystemEncryption, https://help.ubuntu.com/community/FullDiskEncryptionHowto
Arch: https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system
Gentoo: https://wiki.gentoo.org/wiki/Full_Disk_Encryption_From_Scratch_Simplified

(In contrast, configuring cryptsetup for data partitions is done nearly the same way everywhere.)

I know a little bit about encrypting partition with "cryptsetup", but it cannot encrypt live drive like /dev/sda1 for "/" or root partition ...

Then do it while the partition is not "live". You can run the necessary programs using a 'Live CD/USB', and it'll treat your main OS as just another ordinary partition.

To encrypt an existing partition and avoid losing data, you can use luksipc. (I've also heard that latest cryptsetup versions have this functionality built in to cryptsetup-reencrypt.) Do not 'format' the partition!

(Recommendation: First encrypt a data partition or two until you have a good grip on how cryptsetup, luksipc and related tools work.)

Stack Exchange Network

How to encrypt entire linux sda? [closed]

1 Answer 1

Not the answer you're looking for? Browse other questions tagged
linux
hard-drive
encryption
diskcryptor
.

Hot Network Questions

How to encrypt entire linux sda? [closed]

1 Answer 1

Not the answer you're looking for? Browse other questions tagged linuxhard-driveencryptiondiskcryptor.

Related

Hot Network Questions

Not the answer you're looking for? Browse other questions tagged
linux
hard-drive
encryption
diskcryptor
.