Howto create encrypted Container Files for private Photos?
REMARKS:
- EVERY unlocked and active mounted Luks Drive could be read out by attackers!
- Use long Passwords for Luks!
- dismount and LOCK unused luks drives/containers if NOT used!
Create and mount Script:
#!/bin/bash # Script creates 4GB Encrypted File Container, set Password # and mount it to /mnt/photos-private change your username!!! # # check free loop device set as variable loop=`losetup -f` # move existing container to old as BACKUP sudo mv container container.old # create container 4G sudo dd if=/dev/urandom of=container bs=1M count=4096 # bind raw container disk to free a loop sudo losetup $loop container # encrypt container sudo cryptsetup -c aes-xts-plain64 -s 512 -h sha512 -y luksFormat container # open encrypted container sudo cryptsetup luksOpen $loop photos-private # format with ext4 Filesystem to open container sudo mkfs.ext4 /dev/mapper/photos-private # create mount point sudo mkdir /mnt/photos-private # mount sudo mount -t ext4 /dev/mapper/photos-private /mnt/photos-private # set correct user rights sudo chown -R yourusername /mnt/photos-private exit 0
Container mount Script (mount.sh)
#!/bin/bash # Luks Container mount script! loop=`losetup -f` sudo losetup $loop container sudo cryptsetup luksOpen $loop photos-private sudo mkdir /mnt/photos-private sudo mount -t ext4 /dev/mapper/photos-private /mnt/photos-private exit 0
Lock Drive/Containers (lock-drive.sh):
#!/bin/bash sudo umount /mnt/photos-private sudo cryptsetup luksClose /dev/mapper/photos-private exit 0