How to create an encrypted file and open it
![How to create an encrypted file and open it](http://www.ctheroux.com/wp-content/uploads/2023/09/Unix-Logo.png)
You’ll find in this post the basic steps to create an encrypted luks file and open it. You’ll need to perform the following steps to create it:
- Create the file. bs times count will give you the total size of the encrypted file. In this example, the file size will be 512M (1M x 512).
dd if=/dev/urandom of=vaultfile.img bs=1M count=512
- Encrypt the file. You’ll be asked for the password twice. The name of the file in this example is vaultfile.img.
cryptsetup --verify-passphrase luksFormat vaultfile.img
- Open the encrypted file. The mapper name if myvault. It can be anything as long as you use the same one in the rest of these steps.
sudo cryptsetup open --type luks vaultfile.img myvault
- Create or format the encrypted file. ext4 is used in this example. Use any file system as long as it is supported on your system. /dev/mapper/myvault must correspond to the last argument of the previous step. It must be prefixed with /dev/mapper/. The parameter -L is the partition label. It does not need to match the last argument of the previous step.
sudo mkfs.ext4 -m 0 -L myvault /dev/mapper/myvault
- Close the newly created luks encrypted file.
sudo cryptsetup close myvault
The following steps must be performed to mount the encrypted file:
- This step creates a mount point. It can be any empty directory such as /mnt and so on.
sudo mkdir /myvaultmountpoint
- Open the encrypted file. The last parameter myvault can be anything. Nevertheless, it must be used in the next steps.
sudo cryptsetup open --type luks vaultfile.img myvault
- Mount the encrypted file. /dev/mapper/myvault must correspond to the last argument of the previous step. It must be prefixed with /dev/mapper/.
sudo mount /dev/mapper/myvault /myvaultmountpoint
- The content will be accessible from the directory /myvaultmountpoint.
Perform these steps to unmount the encrypted file.
- Unmount the encrypted file.
sudo umount /myvaultmountpoint
- Close the encrypted file.
sudo cryptsetup close myvault