Friday, May 23, 2025

How to set up an encrypted external HDD/SSD in Linux

It is pretty much required to save your files in an encrypted way for security and privacy reasons. IT infrastructure should offer this in the easiest way possible. Though all hard disk vendors provide this kind of encryption, it would involve the use of software distributed by the vendor and, moreover, it would work only with Windows systems. I was on the lookout for a pretty robust and straightforward method to use with an external hard disk. I got all the methods from the link below.

https://linux.fernandocejas.com/docs/how-to/encrypt-an-external-hard-drive

lsblk

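lsblk lists block devices. Use it to find the device name of the external drive. The commands below assume it is /dev/sda, which on many machines is the internal system disk, so check the name before running them.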

RECOMMENDED: Wipe all file systems and data from the hard drive

sudo wipefs -a /dev/sda

Run cryptsetup to create the encrypted partition (it is usually already installed; otherwise install it)

sudo cryptsetup --verbose --verify-passphrase luksFormat /dev/sda

Open the encrypted partition

sudo cryptsetup luksOpen /dev/sda sda

Create a new filesystem on the encrypted partition

I chose F2FS, the Flash-Friendly File System developed by Samsung.

F2FS stands for Flash-Friendly File System. As the name suggests, F2FS is designed for flash-based storage, such as SD cards, eMMC modules, and flash drives. F2FS will achieve better performance and extend the lifetime of flash-based storage in many cases compared to other traditional file systems, such as ext4 or XFS. The F2FS format is especially useful on single-board devices (like Raspberry Pi, RockPro64, etc.) that boot from an SD card or an eMMC module. Many Android devices use F2FS too.

Install f2fs-tools

sudo apt-get install f2fs-tools

Format in f2fs

sudo mkfs.f2fs /dev/mapper/sda

Make a label for the HDD by formatting with -l; I call it samsung

sudo mkfs.f2fs -l samsung /dev/mapper/sda

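By default, some space has been reserved, but if you don't intend to run a system from the hard drive, you can remove it to have slightly more space on the hard drive. tune2fs works only on ext2/ext3/ext4 filesystems, so this step applies if you formatted the partition with ext4 rather than F2FS.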

sudo tune2fs -m 0 /dev/mapper/sda

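Now mount the drive (the file explorer mounts it under /media) and make it writable for your user

sudo chown -Rv "$USER": /media/sid/3cd11ec2-a30d-4eb8-a24f-ddce6d1ef5f3/

Now you can write anything with the file explorer. When you are done, unmount the drive and close the encrypted partition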

sudo cryptsetup luksClose sda

Eject and remove the hdd

To open again 

sudo cryptsetup luksOpen /dev/sda sda

Or, while mounting, your GUI will open a dialog box to enter your encryption password to open the folder. Using open source tools to encrypt the hard disk can be reliable.
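
The wipefs and luksFormat steps above destroy whatever is on the device they are given, so it is worth confirming that the name read from lsblk really is the external drive. The check below is an added example, not part of this post or the linked guide; the function name check_target, the USB-only rule and the sample lsblk output are assumptions constructed for illustration.

```shell
#!/bin/sh
# check_target is a hypothetical helper, not a tool from the post.
# stdin: output of  lsblk -P -n -o NAME,PKNAME,TYPE,TRAN,MOUNTPOINT
# Assumptions: the drive is attached over USB; parents are listed before children.
check_target() {
    awk -v disk="$1" '
    # Return the value of KEY="value" on the current line.
    function field(key,   s) {
        if (!match(" " $0, " " key "=\"[^\"]*\"")) return ""
        s = substr(" " $0, RSTART, RLENGTH)
        sub(/^[^"]*"/, "", s); sub(/"$/, "", s)
        return s
    }
    {
        name = field("NAME"); parent = field("PKNAME")
        if (name == disk) {
            found = 1; dtype = field("TYPE"); tran = field("TRAN")
            tree[name] = 1
        } else if (parent in tree) {
            tree[name] = 1      # partition, LUKS mapping or LVM volume below it
        }
        if ((name in tree) && field("MOUNTPOINT") != "")
            mounted = mounted " " name
    }
    END {
        if (!found)          { print "refuse: " disk " not found"; exit 1 }
        if (dtype != "disk") { print "refuse: " disk " is a " dtype ", not a whole disk"; exit 1 }
        if (tran != "usb")   { print "refuse: " disk " is not on the USB bus"; exit 1 }
        if (mounted != "")   { print "refuse: mounted:" mounted; exit 1 }
        print "ok: " disk
    }'
}

# Constructed sample: sda is the internal system disk, sdb a blank USB drive,
# sdc a USB drive that is currently mounted.
SAMPLE='NAME="sda" PKNAME="" TYPE="disk" TRAN="sata" MOUNTPOINT=""
NAME="sda1" PKNAME="sda" TYPE="part" TRAN="" MOUNTPOINT="/boot"
NAME="sda2" PKNAME="sda" TYPE="part" TRAN="" MOUNTPOINT=""
NAME="sda2_crypt" PKNAME="sda2" TYPE="crypt" TRAN="" MOUNTPOINT="/"
NAME="sdb" PKNAME="" TYPE="disk" TRAN="usb" MOUNTPOINT=""
NAME="sdc" PKNAME="" TYPE="disk" TRAN="usb" MOUNTPOINT=""
NAME="sdc1" PKNAME="sdc" TYPE="part" TRAN="" MOUNTPOINT="/media/sid/backup"'

# Only sdb passes; sda and sdc are refused.
for d in sda sdb sdc; do
    printf '%s\n' "$SAMPLE" | check_target "$d" || true
done
```

On a real machine, pipe the lsblk command from the header comment into check_target with the device name you intend to wipe.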
