Hey all -
I wrote this up when I was running Debian. It also translates to Ubuntu and I just finished up replicating this for ArchLabs. In short, it ought to work with any Linux distro as long as your drive is encrypted, you have the key file mentioned in the write-up OR simply just creating this from the beginning. I have interchanged a set of encrypted drives with a few Linux distros without issue.
The small print stuff: Assumptions - 1. Drive to be encrypted not be part of LVM. 2. cryptsetup has already been installed 3. You already know the device you wish to encrypt (I will be using /dev/sdb1 as an example) 4. You have already saved off any and all data on the drive you wish to encrypt - otherwise you will lose it all 5. You need to know how to use of sudo or su - Notes & WARNINGS - You have already saved off any and all data on the drive you wish to encrypt - otherwise you will lose it all This process I am presenting, worked for me - YMMV Please see the referring links at the end for a more complete overview of other options and processes as mine is a compilation from these link to suite my needs. ... and finally, You have already saved off any and all data on the drive you wish to encrypt - otherwise you will lose it all And now, for something completely different... The process: Create a key-file for authentication - you will want this if you intend to use auto mount on boot: dd if=/dev/urandom of=/root/drive_key bs=1024 count=4 Protect the key-file to be read only by root: chmod 0400 /root/drive_key Initialize the LUKS file system and use the key-file to authenticate instead of a password: cryptsetup -d=/root/drive_key -v luksFormat /dev/sdb1 Create the LUKS mapping using the key-file: cryptsetup -d=/root/drive_key luksOpen /dev/sdb1 data Create your file system (I use ext4): mkfs.ext4 /dev/mapper/data Create your mount point on the system (some folks use /media): mkdir /mnt/data Mount the new file system at the mount point: mount /dev/mapper/data /mnt/data Create the mapper for fstab to use - edit /etc/crypttab: # <target name> <source device> <key file> <options> data /dev/sdb1 /root/drive_key luks Add the mount point to fstab: /dev/mapper/data /mnt/data ext4 defaults 0 2 Reboot or use mount -a Referencing links for futher reading: 1. Linux Hard Disk Encryption With LUKS - https://www.cyberciti.biz/hardware/h...setup-command/ 2. Automatically Unlock LUKS Encrypted Drives With A Keyfile - https://www.howtoforge.com/automatic...with-a-keyfile 3. How to Recover a LUKS Encrypted Disk - https://alvinabad.wordpress.com/2012.../#comment-3634