benoit/mkdocs-benoit.jp.net
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
mkdocs-benoit.jp.net/HowtoSecureMailServer.page
benoit e75d7e19e5 chmod 600 /var.img
2017-02-23 23:40:22 +01:00

37 lines
994 B
Plaintext
Raw Blame History

Notes...
```
# dd if=/dev/zero of=/var.img bs=1M count=36000
# chmod 600 /var.img
# losetup /dev/loop0 /var.img
# cryptsetup luksFormat --hash sha256 --key-size=512 /dev/loop0
# cryptsetup luksOpen /dev/loop0 crypted-var
# mkfs.ext4 -LVAR /dev/mapper/crypted-var
# mount /dev/mapper/crypted-var /mnt/
# ### stop your service using /var, rsyslog, etc.
# rsync -avh --progress /var/ /mnt/
# umount /mnt
# echo "crypted-var /var.img none luks" >> /etc/crypttab
# echo "/dev/mapper/crypted-var /var ext4 defaults 0 2" >> /etc/fstab
# reboot
# go to scaleway console, and type your passphrase!
```
Enjoy you crypted `/var` volume!
```
root@machine:~# cryptsetup luksDump /var.img
LUKS header information for /var.img
Version: 1
Cipher name: aes
Cipher mode: xts-plain64
Hash spec: sha256
Payload offset: 4096
MK bits: 512
[…]
root@machine:~# df -h /var
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/crypted-var 35G 861M 32G 3% /var
```
Reference in a new issue View git blame Copy permalink