Question
On Linux (Debian, Mint ...), how to mount a LUKS Encrypted partition on boot ?
1. get THE UUID from blkid
Ex /dev/mapper/encrypted-partition: UUID="d62cb037-e5ba-4f49-a92a-69705e4bae2b" TYPE="crypto_LUKS"
not /dev/mapper/luks-d62cb037-e5ba-4f49-a92a-69705e4bae2b: UUID="f6d930b6-b75b-440c-9b41-67ed538bdd75" TYPE="ext4"
2. qdd napper name to /etc/crypttab
The partition will appear as a device in /dev/mapper/<mapper name>.
Entries in /etc/crypttab are of the form
<mapper name> UUID=<UUID>
Example 1:
decrypted-partition UUID=d62cb037-e5ba-4f49-a92a-69705e4bae2b
Example 2:
decrypted-partition UUID=d62cb037-e5ba-4f49-a92a-69705e4bae2b none luks
For more information on /etc/crypttab, see $ man crypttab.
3.Edit /etc/fstab and add
Example 1.
/dev/mapper/decrypted-partition /media/ext-hdd ext4 defaults 1 2
Example 2.
/dev/mapper/decrypted-partition /media/ext-hdd ext4 defaults,x-gvfs-name=ENC 1 2
Example 3
decrypted-partition UUID=d62cb037-e5ba-4f49-a92a-69705e4bae2b none luks
4. Reboot
Note
The next time you boot your system you will be prompted for the passphrase and the partition will be mounted to the given mount point. The output of $ blkid should now contain
/dev/mapper/encrypted-partition: UUID="d62cb037-e5ba-4f49-a92a-69705e4bae2b" TYPE="crypto_LUKS"
/dev/mapper/decrypted-partition: UUID="93f9bbf4-4e4f-4647-85f3-4fbba7d7a21f" TYPE="ext4"
Tips
Change UUID of LUKS encrypted partition.
1. Generate new uuid using uuidgen
2. cryptsetup luksUUID /dev/sda1 --uuid "THE-NEW-UUID"
Set / Change UUID of a partition
sudo tune2fs /dev/sde5 -U 507fe741-bf59-40f4-8cef-6b0803f11f30
Comments