Creating an encrypted lvm logical volume
robin Tuesday, September 01 2009 @ 05:49 PM BST Views: 23,529
I wanted to create a secure place to store ssl keys, etc. I decided to create an lvm logical volume and encrypt it. Here's what I did:
- Create the logical volume (LV):
lvcreate --size 5G --name lv_secure vg_name - Encrypt the LV:
cryptsetup luksFormat /dev/vg_a001/lv_secure - Verify the LV is encrypted:
cryptsetup isLuks /dev/vg_a001/lv_secure && echo Success - Open the secure volume and create a mapped device named "secure":
cryptsetup luksOpen /dev/vg_a001/lv_secure secure - Get info about the mapped device:
dmsetup info secure - Create an ext3 file system on the mapped device:
mke2fs -j /dev/mapper/secure - Mount the mapped device:
mkdir /mnt/secure
mount /dev/mapper/secure /mnt/secure - When you are done, unmount and close the secure device:
umount /mnt/secure
cryptsetup remove secure
