Shell script: Opens LUKS Partition and Sets Up a Mapping [ Mounting Encrypted Partition ]


Linux comes with the cryptsetup command. It is used to setup dm-crypt (transparent disk encryption subsystem in Linux kernel) managed device-mapper mappings. This shell script can be used to mount dm-crypt based partitions with passphrase:

  1.  
  2. #!/bin/bash
  3. # A simple shell to mount disk encryption based parition under Linux.
  4. # Tested on Debian and Ubuntu base NAS servers.
  5. # ----------------------------------------------------------------------------
  6. # Written by Vivek Gite <http://www.cyberciti.biz/>
  7. # (c) 2008 nixCraft under GNU GPL v2.0+
  8. # ----------------------------------------------------------------------------
  9. # Last updated: 05/Dec/2011
  10. # ----------------------------------------------------------------------------
  11.  
  12. ### commands ###
  13. _crypt="/sbin/cryptsetup"
  14. _vg="/sbin/vgscan"
  15. _vgc="/sbin/vgchange"
  16. _mnt="/bin/mount"
  17.  
  18. ### SET ME FIRST ###
  19. ### Partition specific settings ###
  20. ### SET ME FIRST ###
  21. _device="/dev/md3"
  22. _name="securebackup"
  23. _mnts="/dev/cryptvg/mybackup "
  24. _mntd="/securebackup/"
  25.  
  26. echo 
  27. ${_crypt} luksOpen ${_device} $_name
  28.  
  29. echo 
  30. ${_vg} --mknodes
  31. ${_vgc} -ay
  32.  
  33. echo 
  34. ${_mnt} ${_mnts} ${_mntd}
  35.  

This script is stored on our nas server. All backups are on RAID-6 disks are encrypted. The nas server is online 24x7. After rebooting the server you need to run this script to mount the dm-crypt based partition. A sample session is as follows:
$ ssh vivek@nas112.backup.lan.nixcraft.co.in
$ sudo /usr/local/sbin/mount.crypt
Sample outputs:

Enter passphrase for /dev/md3:
  Reading all physical volumes.  This may take a while...
  Found volume group "cryptvg" using metadata type lvm2
  1 logical volume(s) in volume group "cryptvg" now active

Verify disk space and newly mounted partition:
$ df -H
Sample outputs:

Filesystem             Size   Used  Avail Use% Mounted on
/dev/md0               127G   930M   120G   1% /
tmpfs                  1.1G      0   1.1G   0% /lib/init/rw
udev                   1.1G   267k   1.1G   1% /dev
tmpfs                  1.1G      0   1.1G   0% /dev/shm
/dev/md2               1.6T    88G   1.5T   6% /data
/dev/mapper/cryptvg-mybackup
                       635G    59G   544G  10% /securebackup
by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 

I'M A LAMER DON'T TROLL ME mas[TER] Copyright © 2013 | Powered by rifsivk yum