Shell script: Opens LUKS Partition and Sets Up a Mapping [ Mounting Encrypted Partition ]

by on December 4, 2011 · 1 comment

Linux comes with the cryptsetup command. It is used to setup dm-crypt (transparent disk encryption subsystem in Linux kernel) managed device-mapper mappings. This shell script can be used to mount dm-crypt based partitions with passphrase:

 
#!/bin/bash
# A simple shell to mount disk encryption based parition under Linux.
# Tested on Debian and Ubuntu base NAS servers.
# ----------------------------------------------------------------------------
# Written by Vivek Gite <http://www.cyberciti.biz/>
# (c) 2008 nixCraft under GNU GPL v2.0+
# ----------------------------------------------------------------------------
# Last updated: 05/Dec/2011
# ----------------------------------------------------------------------------
 
### commands ###
_crypt="/sbin/cryptsetup"
_vg="/sbin/vgscan"
_vgc="/sbin/vgchange"
_mnt="/bin/mount"
 
### SET ME FIRST ###
### Partition specific settings ###
### SET ME FIRST ###
_device="/dev/md3"
_name="securebackup"
_mnts="/dev/cryptvg/mybackup "
_mntd="/securebackup/"
 
echo
${_crypt} luksOpen ${_device} $_name
 
echo
${_vg} --mknodes
${_vgc} -ay
 
echo
${_mnt} ${_mnts} ${_mntd}
 

This script is stored on our nas server. All backups are on RAID-6 disks are encrypted. The nas server is online 24x7. After rebooting the server you need to run this script to mount the dm-crypt based partition. A sample session is as follows:
$ ssh vivek@nas112.backup.lan.nixcraft.co.in
$ sudo /usr/local/sbin/mount.crypt
Sample outputs:

Enter passphrase for /dev/md3:
  Reading all physical volumes.  This may take a while...
  Found volume group "cryptvg" using metadata type lvm2
  1 logical volume(s) in volume group "cryptvg" now active

Verify disk space and newly mounted partition:
$ df -H
Sample outputs:

Filesystem             Size   Used  Avail Use% Mounted on
/dev/md0               127G   930M   120G   1% /
tmpfs                  1.1G      0   1.1G   0% /lib/init/rw
udev                   1.1G   267k   1.1G   1% /dev
tmpfs                  1.1G      0   1.1G   0% /dev/shm
/dev/md2               1.6T    88G   1.5T   6% /data
/dev/mapper/cryptvg-mybackup
                       635G    59G   544G  10% /securebackup
4000+ howtos and counting! If you enjoyed this article, join 45000+ others and get free email updates!

{ 1 comment… read it below or add one }

1 Dinesh December 14, 2011

Hi folks,

Any body having goood snmp notes with all it command. I apreciate if anybody provides asap.

Leave a Comment

You can use these HTML tags and attributes for UNIX commands or shell scripts: <strong> <em> <ol> <li> <u> <ul> <blockquote> <pre> <a href="" title="">
What is 8 + 10 ?
Please leave these two fields as-is:
Are you a human being? Solve the simple math so we know that you are a human and not a script.



Tagged as: bash commands, crypt, cryptsetup command, disk encryption, kernel, linux, mapper, mount command, partition, shell script, vg, vgchange command, vgscan command

Previous Script:

Next Script: