[root@redhatB ~]# fdisk -cu /dev/sdc Command (m for help): p Disk /dev/sdc: 10.7 GB, 10737418240 bytes 255 heads, 63 sectors/track, 1305 cylinders, total 20971520 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0xb097ae92 Device Boot Start End Blocks Id System /dev/sdc1 63 4209029 2104483+ 8e Linux LVM /dev/sdc2 4209030 8418059 2104515 8e Linux LVM /dev/sdc3 8418060 12627089 2104515 8e Linux LVM /dev/sdc4 12627090 20964824 4168867+ 5 Extended /dev/sdc5 12627153 14747669 1060258+ 8e Linux LVM /dev/sdc6 14747733 16868249 1060258+ 8e Linux LVM Command (m for help): n First sector (16870298-20964824, default 16870298): Using default value 16870298 Last sector, +sectors or +size{K,M,G} (16870298-20964824, default 20964824): +1G Command (m for help): p Disk /dev/sdc: 10.7 GB, 10737418240 bytes 255 heads, 63 sectors/track, 1305 cylinders, total 20971520 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0xb097ae92 Device Boot Start End Blocks Id System /dev/sdc1 63 4209029 2104483+ 8e Linux LVM /dev/sdc2 4209030 8418059 2104515 8e Linux LVM /dev/sdc3 8418060 12627089 2104515 8e Linux LVM /dev/sdc4 12627090 20964824 4168867+ 5 Extended /dev/sdc5 12627153 14747669 1060258+ 8e Linux LVM /dev/sdc6 14747733 16868249 1060258+ 8e Linux LVM /dev/sdc7 16870298 18967449 1048576 83 Linux Command (m for help): w The partition table has been altered! Calling ioctl() to re-read partition table. WARNING: Re-reading the partition table failed with error 16: Device or resource busy. The kernel still uses the old table. The new table will be used at the next reboot or after you run partprobe(8) or kpartx(8) Syncing disks.
备注:关于 cryptsetup 命令的用法,可以 man 下,这里关键选项”luksFormat”,注意大小写。
1.4 输入密码,打开分区
1 2 3 4 5 6 7
[root@redhatB ~]# cryptsetup luksOpen /dev/sdc7 secret Enter passphrase for /dev/sdc7: No key available with this passphrase. Enter passphrase for /dev/sdc7: You have new mail in /var/spool/mail/root [root@redhatB ~]# ll /dev/mapper/secret lrwxrwxrwx. 1 root root 7 Jul 29 20:06 /dev/mapper/secret -> ../dm-3
[root@redhatB ~]# mke2fs -t ext4 /dev/mapper/secret mke2fs 1.41.12 (17-May-2010) Filesystem label= OS type: Linux Block size=4096 (log=2) Fragment size=4096 (log=2) Stride=0 blocks, Stripe width=0 blocks 65408 inodes, 261632 blocks 13081 blocks (5.00%) reserved for the super user First data block=0 Maximum filesystem blocks=268435456 8 block groups 32768 blocks per group, 32768 fragments per group 8176 inodes per group Superblock backups stored on blocks: 32768, 98304, 163840, 229376 Writing inode tables: done Creating journal (4096 blocks): done Writing superblocks and filesystem accounting information: done This filesystem will be automatically checked every 31 mounts or 180 days, whichever comes first. Use tune2fs -c or -i to override.
[root@redhatB ~]# cd /mnt/secret [root@redhatB secret]# history > history.txt [root@redhatB secret]# ls history.txt lost+found
1.8 查看加密分区映射对应的分区。
1 2 3 4 5 6 7 8 9
[root@redhatB mnt]# cryptsetup status secret /dev/mapper/secret is active and is in use. type: LUKS1 cipher: aes-cbc-essiv:sha256 keysize: 256 bits device: /dev/sdc7 offset: 4096 sectors size: 2093056 sectors mode: read/write
