Txhawm rau tiv thaiv qhov tsis raug tso cai nkag mus rau cov ntaub ntawv ntawm lub hard drive, nws yog qhov tseem ceeb rau encrypt nws. Ntau Linux kev faib khoom muab rau encrypt koj lub ntsiab tsav thaum teeb tsa, tab sis koj yuav xav tau encrypt lwm hard drive sab nraud tom qab. Nyeem ntawv kom paub yuav ua li cas.
Ceeb Toom: Siv cov lus txib tsis raug, lossis qhov ntsuas tsis raug, yuav ua rau cov ntaub ntawv poob ntawm lub cuab yeej uas tsis yog lub hom phiaj nyuaj
Ua raws cov lus qhia no kom raug yuav lwv tag nrho cov ntaub ntawv los ntawm lub hom phiaj nyuaj tsav. Khaws thaub qab ntawm txhua cov ntaub ntawv tseem ceeb. Koj yuav tsum nyeem tag nrho tsab xov xwm ua ntej ua cov kauj ruam no.
Cov kauj ruam
Ntu 1 ntawm 2: Nkag Nkag Sab Nraud Hard Drive
Kauj Ruam 1. Txheeb xyuas seb puas yog
cryptsetup
yog tam sim no:
Ntaus sudo cryptsetup -hloov pauv mus rau lub davhlau ya nyob twg. Yog tias, tsis txhob luam tawm tus lej version, uas ua rau "tsis pom cov lus txib", koj yuav tsum tau nruab
cryptsetup
-
Nco ntsoov tias koj yuav tsum tau siv
sudo siv
. Sim ua kom khiav
cryptsetup
tsis muaj
sudo siv
- yuav ua rau "tsis pom cov lus txib" txawm hais tias qhov program tau teeb tsa.
Kauj Ruam 2. Txheeb xyuas cov cuab yeej twg txuas nrog:
sudo fdisk -l cov.
Kauj Ruam 3. Txuas lub hard drive sab nraud
Kauj Ruam 4. Txheeb xyuas cov cuab yeej twg txuas nrog dua
Khiav sudo fdisk -l dua thiab nrhiav ib feem uas txawv. Qhov ntawd yog lub hard drive koj txuas nrog. Nco ntsoov nws lub npe ntaus ntawv (piv txwv li
/dev/sdb
). Hauv kab lus no, nws yuav raug xa mus ua
/dev/sdX
; nco ntsoov hloov nws nrog txoj hauv kev hauv txhua qhov xwm txheej.
Kauj Ruam 5. Rov qab cov ntaub ntawv uas koj xav khaws
Cov kauj ruam tom ntej yuav lwv tag nrho cov ntaub ntawv los ntawm hard drive.
Kauj Ruam 6. Tshem lub hard drive sab nraud
Tsis txhob disconnect nws - tsuas yog unmount nws. Koj tuaj yeem ua li ntawd los ntawm koj tus thawj tswj ntaub ntawv, lossis nrog: sudo umount /dev /sdX
Kauj Ruam 7. So tag nrho cov ntaub ntawv kaw lus thiab cov ntaub ntawv los ntawm hard drive
Thaum qhov no tsis xav tau rau teeb tsa encryption, nws tau pom zoo.
- Txhawm rau so tsuas yog cov ntaub ntawv kaw lus ua haujlwm, siv: sudo wipefs -a /dev /sdX
-
Txhawm rau sau tag nrho cov ntaub ntawv ntawm lub hard drive, siv: sudo dd yog =/dev/urandom ntawm =/dev/sdX bs = 1M. Koj yuav tsis pom qhov kev nce qib lossis lwm qhov tso tawm, tab sis yog tias koj lub hard drive sab nraud muaj lub teeb uas ntsais thaum tus tsav sau rau, nws yuav tsum pib ntsais muag.
- Yog tias sab nraud nyuaj tsav loj, cia siab tias koj yuav tsum tau tos ntev. Thaum nws nyob ntawm lub cuab yeej thiab lub zog tsav, qhov ua tau nrawm yog 30 MB ib ob, siv sijhawm li 2½ teev rau 256 GB.
-
Yog tias koj xav pom qhov kev nce qib, nrhiav tus txheej txheem ID ntawm
dd ua
tom qab ntawd qhib lwm lub davhlau ya nyob twg thiab siv sudo tua -USR1 pid (pid yog koj tus txheej txheem ID). Qhov no yuav tsis xaus qhov txheej txheem (raws li
tua
tsis muaj
-UAS 1
- parameter yuav ua), tab sis tsuas yog qhia nws kom luam pes tsawg bytes nws tau theej.
- Siv sudo dd yog =/dev/xoom ntawm =/dev/sdX bs = 1M kom rov sau dua nrog zeroes hloov pauv yuav sai dua, tab sis qee qhov tsis muaj kev nyab xeeb dua li rov sau dua nrog cov ntaub ntawv tsis raug.
Kauj Ruam 8. Khiav
cryptsetup
:
sudo cryptsetup --verbose --verify-passphrase luksFormat /dev /sdX
-
cryptsetup
yuav ceeb toom koj tias cov ntaub ntawv yuav raug sau tsis raug. Hom
YOG
kom paub meej tias koj xav ua qhov no thiab txuas ntxiv mus. Koj yuav raug ceeb toom kom xaiv ib lo lus zais. Tom qab koj xaiv ib qho, nws yuav siv qee lub sijhawm los teeb tsa encryption.
cryptsetup
- yuav tsum ua tiav nrog "Kev hais kom ua tiav."
-
Yog
cryptsetup
ceeb toom rau koj txog cov faib uas twb muaj lawm (nrog cov lus ntawm daim ntawv
CEEB TOOM: Ntaus ntawv /dev /sdX twb muaj …… faib npe
- ), koj tsis tau tshem tawm cov ntaub ntawv uas twb muaj lawm. Koj yuav tsum xa mus rau cov kauj ruam hais txog so cov ntaub ntawv kaw lus thiab cov ntaub ntawv, tab sis nws kuj tseem tuaj yeem tsis quav ntsej cov lus ceeb toom thiab txuas ntxiv mus.
Kauj ruam 9. Qhib encrypted muab faib:
sudo cryptsetup luksOpen /dev /sdX sdX (hloov ob qho tib si
sdx ua
nrog qhov muab faib encrypted koj nyuam qhuav teeb tsa.)
Koj yuav tau txais kev ceeb toom rau ib lo lus zais. Nkag mus rau lo lus zais uas koj tau xaiv hauv cov kauj ruam dhau los
Kauj Ruam 10. Txheeb xyuas qhov muab faib ua encrypted tau mapped rau
Nws yog feem ntau
/dev/mapper/sdX
tab sis koj yuav tsum tau tshuaj xyuas ob zaug siv sudo fdisk -l.
Kauj Ruam 11. Tsim kom muaj cov ntaub ntawv tshiab ntawm qhov muab faib encrypted
Teeb tsa qhov encryption tau so ib qho uas tau muaj yav dhau los. Siv qhov hais kom ua: sudo mkfs.ext4/dev/mapper/sdX
-
Nws yog ib qho tseem ceeb uas koj qhia
/dev/mapper/sdX
. Yog koj qhia
/dev/sdX
- Hloov chaw, koj yuav format lub disk ua unencrypted EXT4 muab faib.
- Koj tuaj yeem muab koj cov ntaub ntawv kaw lus kaw lus nrog -L kev xaiv, piv txwv li: sudo mkfs.ext4 -L MyEncryptedDisk/dev/mapper/sdX
Kauj Ruam 12. Tshem qhov chaw tseg
Los ntawm lub neej ntawd, qee qhov chaw tau tshwj tseg, tab sis yog tias koj tsis npaj siab yuav ua haujlwm ntawm lub hard drive, koj tuaj yeem tshem nws kom muaj chaw me ntsis ntxiv ntawm lub hard drive. Siv qhov hais kom ua: sudo tune2fs -m 0/dev/mapper/sdX
Kauj Ruam 13. Kaw lub cuab yeej encrypted:
sudo cryptsetup luksClose sdX
Tam sim no koj tuaj yeem txuas lub hard drive sab nraud yam xyuam xim. Rau cov lus qhia ntawm kev qhib nws dua thiab siv nws, xa mus rau "Qhib qhov Encrypted Sab Nraud Hard Drive" txoj hauv kev
Ntu 2 ntawm 2: Qhib Encrypted Sab Nraud Hard Drive
Kauj Ruam 1. Txuas lub hard drive sab nraud
Kauj Ruam 2. Tos thiab saib seb puas muaj lus qhib
Qee lub tshuab yuav cia li nug tus lej nkag, thiab yog tias koj nkag mus rau qhov raug, teeb tsa lub cuab yeej.
Kauj Ruam 3. Mount tus tsav manually yog tias qhov hais kom sai tsis qhib
- Nrhiav lub npe ntaus ntawv: lsblk
- Yog tias qhov no yog thawj zaug koj tau teeb tsa nws, tsim cov npe rau mount nws hauv, piv txwv li: sudo mkdir /mnt /encrypted. Txwv tsis pub, siv cov npe uas koj tau tsim yav dhau los.
- Qhib qhov muab faib encrypted: sudo cryptsetup luksOpen /dev /sdX sdX
- Mount lub encrypted muab faib: sudo mount/dev/mapper/sdX/mnt/encrypted
Kauj Ruam 4. Kho qhov kev tso cai yog tias qhov no yog thawj zaug koj tab tom teeb tsa lub tsav
Thaum koj nce tus tsav thawj zaug, sau ntawv mus rau tus tsav xav tau
sudo siv
. Txhawm rau hloov qhov ntawd, hloov cov tswv cuab ntawm daim nplaub tshev rau tus neeg siv tam sim no: sudo chown -R `whoami`: cov neeg siv /mnt /encrypted
Yog tias koj lub hard drive tau teeb tsa ncaj qha, koj tuaj yeem paub qhov twg nws tau teeb tsa siv lsblk. Feem ntau, nws nyob ntawm txoj hauv kev zoo ib yam li:/media/your_username/drive_label
Kauj Ruam 5. Siv lub hard drive
Tam sim no koj tuaj yeem siv koj lub hard drive encrypted zoo li koj xav tau lwm lub hard drive, nyeem cov ntaub ntawv los ntawm nws thiab xa cov ntaub ntawv mus rau nws.
Kauj Ruam 6. Unmount lub hard drive encrypted
Qhov no yog qhov tsim nyog kom koj tuaj yeem txuas nws yam xyuam xim. Koj tuaj yeem ua li ntawd los ntawm tus tswj ntaub ntawv, lossis hla lub davhlau ya nyob twg:
- Unmount qhov muab faib encrypted: sudo umount /mnt /encrypted
-
Kaw qhov muab faib encrypted: sudo cryptsetup luks Kaw sdX
-
Yog tias qhov ntawd muab cov lus yuam kev "Ntaus ntawv sdX tsis ua haujlwm.", Qhov kev faib tawm encrypted tau raug qhib nyob rau hauv lwm lub npe (uas tuaj yeem tshwm sim, piv txwv li, yog tias koj nkag mus rau kab lus hauv qhov hais kom ua sai dua ntawm kev teeb tsa tus kheej). Koj tuaj yeem pom nws nrog lsblk hais kom ua. Nrhiav kev nkag ntawm hom
crypt
- .
-
Lub tswv yim
- Yog tias koj txuas lub hard drive ua ntej ua tiav cov theem, nws zoo li nws yuav tsis nce yog tias koj txuas nws dua. Hauv qhov xwm txheej ntawd, nrhiav nws siv sudo fdisk -l, tom qab ntawv ua tiav cov theem lossis ua kom nws muaj lub hard drive tsis nkag mus.
-
cryptsetup
- muaj Cov Lus Nug Nug Cov Lus Nug nrog cov ntaub ntawv ntxaws ntxaws txog nws siv:
Lus ceeb toom
-
Nyeem cov lus ceeb toom uas tuaj nrog
cryptsetup
- . Koj tuaj yeem nyeem cov no hauv phau ntawv qhia nrog tus txiv neej hais kom ua cryptsetup.
- Kev tiv thaiv kev tiv thaiv cov ntaub ntawv ntawm koj lub hard drive thaum lub encrypted muab faib tsis tau ntsia thiab qhib. Thaum nws qhib, nws tseem yuav raug tso cai nkag mus yog tias koj tsis ceev faj.
