cryptsetup (EN)

Tool

Command-line tool for managing LUKS encryption

Definition

Cryptsetup is the command-line tool for managing LUKS encryption under Linux, used for installing and managing encrypted hard disk partitions. With this tool, you can initialize, open, close partitions and add or remove keys. It provides commands like 'luksFormat' for initializing a partition, 'luksAddKey' for adding a key, and 'luksRemoveKey' for removing a key. Cryptsetup is the primary interface for interacting with LUKS-encrypted devices and is offered by default in most Linux distributions.

Workflow

flowchart TD     A[LUKS partition] --> B{Cryptsetup command}     B --> C[luksFormat]     B --> D[luksOpen]     B --> E[luksClose]     B --> F[luksAddKey]     B --> G[luksRemoveKey]          C --> H[Initialization]     D --> I[Mount as /dev/mapper/device]     E --> J[Unmount]     F --> K[Add new key]     G --> L[Remove key]          I --> M[Data access possible]     J --> N[Access blocked]

In Context

Typically used together with dm-crypt (Device Mapper Crypt)
Related to: LUKS, dm-crypt, VeraCrypt, EncFS
Example use case: System encryption of /home partitions

Quelle: AI Generated