How to format an encrypted harddrive using Linux?

I`m not very experienced with Linux, however, there are a lot of inforamtion around, so I can usually learn what I need. I never understood, however, what "mounting" means in Linux. While using Windows I would simply plug in something (say, a USB pendrive) and then windows would ask me "Hey, do you want to browse that?", clearly Windows does something that I should know how to do but I don't fully understand.

If you've used Zip or RAR archives, mounting a disk is somewhat similar to opening such an archive. The largest difference is that it's done by the operating system itself (not by a separate program).

• When you open an archive, you basically tell some program to read the .zip file's contents and allow accessing the archived files inside.
• When you mount a disk, you tell the OS to read the disk's contents and allow accessing the files inside.

Windows, being primarily a desktop OS and having the "desktop" part fully integrated, takes care of mounting disks automatically. On Linux, in most desktop environments, it's also automatic, but Linux just allows stripping away the "desktop" and all its automation, depending on the needs. (Linux is just the kernel, everything else already comes as separate components.) For example, it's used on servers that don't have or need USB ports, on routers, on TVs, on mobile phones... Various "rescue" CDs, like SystemRescueCd, also avoid auto-mounting because of possible risks – e.g. if one is trying to recover data from a corrupted disk, then trying to mount it might corrupt it even more.

The problem is, to mount something I do (copy and paste, mind you)

mount /dev/fd0 /mnt/FolderIJustCreated

However, this time it doesn't work, since it doesn't recognize the HD type, and I can't help it by feeding -t since I also don't know what's the HD type. I mean, it was supposed to be fat32, but I think the encryption destroys that. So, How could I mount this typeless HD?

First make sure you're pointing it at the HD. /dev/fd0 always means the zeroth floppy disk. Hard disks are usually named /dev/sda, /dev/sdb... (On older Linux versions, they were /dev/hda, /dev/hdb, ... – I don't know how old is SystemRescueCd.)

Also, most of the time you'll need to point mount at a specific partition on that disk. Even if there was only one partition, it still has a separate device node: if the entire disk is /dev/sda, then its partitions will be /dev/sda1, /dev/sda2, and so on. The HD as a whole doesn't have a "type"; instead, each partition does. Or even more precisely, the filesystems existing in each partition have types like FAT32 or ext2.

Second, yes, if the disk was encrypted, then you cannot mount it directly: you must unlock it first. There cannot be a single answer on how to do that, since you haven't told which program was used to encrypt it – BitLocker? TrueCrypt? LUKS? Something entirely different? Some of them only work on Windows, too.

However, if all you want is to discard all existing data on the disk and to format it anew, then mounting is not needed anyway. You can create a new, empty filesystem – in other words, format the disk – using mkfs; see below.

Before doing that, you might need to delete all partitions and create a new empty one. It's not necessary in all cases though – if the p or print commands below show just one partition covering the entire disk space, then the other steps can be skipped, and the partition can be formatted directly. But some disk encryption programs might have altered the partition table in unusual ways.

• If SystemRescueCd runs a graphical interface, it might have GParted in the menus.

• Using parted:

  1. Run parted /dev/sda.
  2. Use print free to check the partition table's contents.
  3. Use mktable msdos to create a new partition table.
  4. Use mkpart primary fat32 1 100% to create a new partition (replacing fat32 with ntfs if needed – same as fdisk's "type", this does not actually affect the filesystem that the partition will contain).
  5. Exit parted with quit.

• Using fdisk:

  1. Run fdisk /dev/sda (giving it the device name for the entire HD).
  2. Use p to see the partition table's contents.
  3. You can use q to exit fdisk, if it already shows just a single partition.
  4. Use the o command to create a new, empty partition table.
  5. Use n to create a new partition. Pressing Enter to all the questions should work, but for reference, these answers should be given: p for "primary" as type, 1 as the number, 2048 as first sector, and just press Enter when asked about last sector – it will take the entire disk.
  6. Use t to change the partition's "type". Give it 0c if you're planning to use a FAT32 filesystem on the disk, or 07 if you're planning to use NTFS. (However, the partition type is just a number and does not really determine the partition's contents To be honest, I don't know if Windows cares about the difference between 0c and 07. Linux most certainly doesn't.)
  7. Use w to actually write the changes to disk.

After this, you should have a disk with one partition covering the entire disk's space. If the disk was /dev/sda, this partition will be /dev/sda1. It currently just has garbage in it (leftovers of the encrypted data), so create a filesystem by using one of the mkfs commands:

• To create a FAT32 filesystem, run mkfs.vfat /dev/sda1.

• To create a NTFS filesystem, run mkfs.ntfs /dev/sda1.

• Or, if SystemRescueCd does not have mkfs.ntfs, connect the disk to a Windows computer and use the "Format" option there.

NTFS can be a little more difficult to use on Linux, and can cause trouble when used on USB drives even on Windows. On the other hand, it's much more reliable than FAT32, especially on large disks.

After this step, /dev/sda1 can be mounted and used.

Furthermore, I never understood where the "/dev/fd0" part came from, does that mean that the thing I'm mounting is already on my system in the folder /dev/ ?

Yes. On Linux, many devices can be accessed through special files (device nodes) in /dev/ – if a program reads from /dev/fd0, it will see the raw data stored in the floppy disk (bypassing any filesystems); likewise, it can access the HD's contents through /dev/sda (and partitions such as /dev/sda1), control the computer's clock through /dev/rtc0, the screen's contents through /dev/fb0, play audio by writing to /dev/snd/pcmC0D0p`.

The fdisk, parted and mkfs.* programs use this to edit the partition table or to create new filesystems.

(On Windows, many devices have similar names too – e.g. \\.\Device\Harddisk0\Partition0 – but they are somewhat more separated, and cannot be seen in any folder.)

Since the device nodes appear as files, they often are used as such – e.g. /dev/zero is used as an endless source of zero bytes, /dev/(u)random as sources of random data, and /dev/null just discards everything that's written into it.

Related videos on Youtube

06 : 01

3 Ways To Securely Erase A Hard Drive On Linux

AddictiveTipsTV

48

06 : 20

Encrypt your Hard Drive in Linux

Average Linux User

39

05 : 31

Data Recovery BitLocker Encrypted Hard Drive using Kali Linux

Vienoula Inc.

18

03 : 12

Hard Drive Wipe - Linux

Ramo Monreal

3

28 : 23

How to Linux: Install encrypted system on SSD with cache for HDD

Tyx

1

Author by

ShizukaSM

Updated on September 18, 2022