Is there any way to fully encrypt my hard-drive AFTER an installation of Linux Mint?
Solution 1
If you want the entire hard drive encrypted, even the Linux Mint system partitions, swap, your home, the whole works, then I suspect the easiest would be to:
- backup your data (the Mint Backup Tool you linked an image to should work, but double-check for files you want backed up that aren't in your home)
- reinstall with encryption using the installer (I'm pretty sure it supports system encryption)
- then restore your data (home, reinstall programs)
OR
Just encrypt your home folder now with ecryptfs-migrate-home
but be sure & read it's man page & should heed it's warnings:
WARNING: Make a complete backup copy of the non-encrypted data to another system or external media. This script is dangerous and in case of an error, could result in data lost, or lock USER out of the system!
...
After a successful migration, the USER really must run ecryptfs-unwrap-passphrase(1) or zescrow(1) and record their randomly generated mount passphrase.
And ecryptfs-setup-swap
would encrypt your swap too, if interested.
Solution 2
You can try LUKS to encrypt partition or removable device
You need to install cryptsetup
utility
apt-get install cryptsetup
Configure LUKS partition
The following command will remove all data on the partition that you are encrypting.
for example to encrpt /dev/xvdc ,type the following command:
cryptsetup -y -v luksFormat /dev/xvdc
This command initializes the volume, and sets an initial key or passphrase. Please note that the passphrase is not recoverable so do not forget it
Type the following command:
cryptsetup luksOpen /dev/xvdc backup2
You can use the following command to see the status:
cryptsetup -v status backup2
to dump LUKS headers
cryptsetup luksDump /dev/xvdc
Format LUKS partition
dd if=/dev/zero of=/dev/mapper/backup2
to save time use pv
pv -tpreb /dev/zero | dd of=/dev/mapper/backup2 bs=128M
create file system:
mkfs.ext4 /dev/mapper/backup2
To mount the new filesystem :
mkdir /backup2
mount /dev/mapper/backup2 /backup2
df -H
cd /backup2
ls -l
to unmount:
umount /backup2
To secure DATA
cryptsetup luksClose backup2
mount or remount encrypted partition
cryptsetup luksOpen /dev/xvdc backup2
mount /dev/mapper/backup2 /backup2
df -H
mount
Related videos on Youtube
cmyk
Updated on September 18, 2022Comments
-
cmyk over 1 year
I'm askin myself, is there any software who can encrypt my whole hard drive with Linux Mint 17.3 on it AFTER the installation? Like TrueCrypt for Windows?!
If not and I've to reinstall everthing is there any possibility to safe all my datas (including the installed programs) to restore it after an successful installation of an fully encrypted OS?
Maybe with this tool (included in Linux Mint): http://www.crmk.de/mintbackuptool.jpg ???
-
Admin over 5 yearsWith Ubuntu 16.04 it is possible: askubuntu.com/a/1107295/723997
-
Admin over 4 yearsimage not found: mintbackuptool.jpg
-
-
Govind about 8 years
pv
"monitor(s) the progress of data through a pipe," it doesn't save time, but it would let you guess when the process will be finished -
cmyk about 8 yearsSadly I can't upvote actually. Even not on my own question :((
-
Govind about 8 years@cmyk No problem, if you stay on the site with more Qs & As I'm sure you'll get more "reputation points", I've already upvoted the Q. FYI, superuser.com has questions about Linux too, especially good for programs / techniques that are available to other OS's too (open source programs like web browsers, bash, etc) also askubuntu.com but they close questions that aren't directly about Ubuntu (even about Ubuntu-derived distros like Mint get closed). Good luck!
-
Milan Babuškov over 2 yearsWhy is this even marked as the accepted answer when it doesn't answer the question? The solution to reinstall doesn't answer the question of full-disk encrypting AFTER then install. And this is on top of google when looking for that.