Rocky 9.x Encrypt LVM logical volume before filesystem setup

From Notes_Wiki

Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > File system management > Encrypt LVM logical volume before filesystem setup

Encrypt LVM logical volume before filesystem setup

To configure encryption on an empty LVM logical volume in Rocky Linux 9.x after OS installation, follow these steps:

  1. Set up LUKS encryption on the logical volume: 
    cryptsetup luksFormat /dev/rl/mnt_data1
    You will be prompted to confirm and set a passphrase.
  2. Open the encrypted volume: 
    cryptsetup luksOpen /dev/rl/mnt_data1 mnt_data1
    This maps the encrypted device to `/dev/mapper/mnt_data1`
  3. Format the mapped device as desired (e.g., ext4 or xfs): 
    mkfs.ext4 /dev/mapper/mnt_data1
  4. Mount the encrypted volume: 
    mkdir /mnt/data1
    

    mount /dev/mapper/mnt_data1 /mnt/data1
  5. Configure auto-mounting at boot:
    1. blkid
    2. Edit /etc/crypttab and append 
      mnt_data1   UUID="e5d28922-c8aa-4d50-a303-7d5da35285b1"  none luks
    3. edit /etc/fstab and append 
      /dev/mapper/mnt_data1 /mnt/data1              ext4    defaults        1 2
  6. Reboot and test


Related youtube video

More videos related to this wiki are available at youtube channel https://www.youtube.com/channel/UCk8GVLah-TL2TrLlHVPgFKw



Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > File system management > Encrypt LVM logical volume before filesystem setup

Retrieved from "http://www.sbarjatiya.com/notes_wiki/index.php?title=Rocky_9.x_Encrypt_LVM_logical_volume_before_filesystem_setup&oldid=8401"