Creating an encrypted lvm logical volume
robin Tuesday, September 01 2009 @ 05:49 PM BST Views: 24,030
I wanted to create a secure place to store ssl keys, etc. I decided to create an lvm logical volume and encrypt it. Here's what I did:
- Create the logical volume (LV):
lvcreate --size 5G --name lv_secure vg_name
- Encrypt the LV:
cryptsetup luksFormat /dev/vg_a001/lv_secure
- Verify the LV is encrypted:
cryptsetup isLuks /dev/vg_a001/lv_secure && echo Success
- Open the secure volume and create a mapped device named "secure":
cryptsetup luksOpen /dev/vg_a001/lv_secure secure
- Get info about the mapped device:
dmsetup info secure
- Create an ext3 file system on the mapped device:
mke2fs -j /dev/mapper/secure
- Mount the mapped device:
mkdir /mnt/secure
mount /dev/mapper/secure /mnt/secure - When you are done, unmount and close the secure device:
umount /mnt/secure
cryptsetup remove secure