How To Use Linux LUKS Full Disk Encryption For Internal / External / Boot Drives

2:10 "What's the easiest way to get around LUKS?"
Only appropriate response: "Good LUKS with that!"

Finally a video that actually explains the technology, rather than just spoonfeeding me commands to copy into the terminal.

This video just blew me away. i switched to Linux last week from Windows, and this OS which is user involved, is very interesting and fun working in a more hands-on fashion.

I would be interested in the remote key video.
I've been in the industry for a long time and thought I was retired. Your videos keep me one foot inside the industry. I just needed a career to pay the bills and avoid IT burnout so I work a 9-5 and manage a few servers for customers.

Yay! Nice to see a video on LUKS, cheers.

Ticked every checkbox in the lesson plan. Could/should be first video lesson in any Linux Certification syllabus. Great work.

I would love to see more videos about this, especially the scripts you talked about.

7:40 yes please make a video about that :)
Thank you

Great video on LUKS!

Wow thank you so much for this breakdown. This is more info than I was looking for but definitely what needed.

The ultimate guide! Lovely.

underrated channel imho

Great informative video. Thanks! This helped me a lot.

Impressive overview. Thanks you so much for the share.

Superb tutorial, thank you for this!

Thanks for this!!

awesome video! ty! i finally understand!

Would love to see an example of:
0. partiitioning with encryption inside a "live" system running from a (usb) .iso [x]ubuntu image,
1. running the live-installer,
2. performaing necessary post-live install steps.

Thank you!

I once encrypted a 2TB hard drive with a hidden partition. After being away for 2 years I have completely forgotten the password and all my data of 2 years are forever lost to me.
Lesson learned, never try making a password out of a random subtitution cipher you came up with one random afternoon thinking that you'll remember the method after 2 years.

if u hold down the ctrl key and roll your mouse wheel up... you will zoom into some mode where we can read the tiny letters instead of seeing a tiny thing and a bunch of background and white blank area. Squint-mode makes teaching harder. Would also be smart to change your base font to the most readable one possible like Ariel. Then your videos would be at least 20% more awesome!!! Many of us are OLD.

Do you have a video showing how to backup a luks encrypted drive to a synology device or freenas?

So I am running hyper-v with a few virtual machines. Should I leave the main hv boot drive decrypted and only encrypt the data drives?
Right now I have it to encrypt on boot so the server itself can’t boot to prevent any physical access but it can get challenging to do updates remotely.

Smooth voice

What happens when you do an update and get a newer header can you not keep the older version as a backup? What are the chances of bothering becoming corrupt?

Is it recommended to leave any free space after the disk encryption when encrypting ext4 with LUKS?

thank you so much!!

Can I change the name of the container in /dev/mapper, on an installed distribution?

Do we have to "close" an encrypted container before reboot or computer shutdown?

Hi Lawrence. I encrypted to hard drives on a live USB before i planned on doing a system install. The next morning it says that i don't have permission to view contents.
I completely reformatted the disks to LUKS/ext4 now neither work. Please help me.

Hmmm a dedicated keyserver would be interesting... thanks

if you want to fully decrypt the drive so it goes back to normal how would you do that?

I am having a hard time installing an OS to this encrypted drive. It seems the drive has been 'unmounted' as is not showing up at all in BIOS. Any advice?
Which utility are you using in this video?

I had to design own module for usb drive encryption using AES-256 algorithm.
Kindly suggest me where do I find relevant information about it.
Thnks

Is there a central management server for LUKS to manage the keys? i want to use linux in my company but i need a centralized Management Server for the Clients. Does anyone have an idea?

Any tips on if luks won't detect the keyboard on a laptop?

Sir I have a live Kali LUKS encrypted persistence USB. I want to set up a nuke password on it. The "cryptsetup luksAddNuke ..." is no longer available and now 'cryptsetup-nuke-password' is used. Using that on the USB Kali says:- "update-initramfs is disabled and Kali is running on a readonly system". Can you help?

I assume, it generates a random key which is used to encrypt the data, so encrypting two drives with the same password, they would have different keys, which would be good in e.g. the case your first passphrase was as easy as ‚password‘ and you change it later to a 512 bit random whatever, so the evil hackers can’t decrypt it later after the change as a consequence of the first weak passphrase.
So under the hood it should generate a random key, use this for encryption, then the password is just decrypting a part of the drive where the actual key is, so that part can be easily shredded and interchanged with a better password, is it like that?

how do you un mount and power down a luks protable SSD drive.

Can you do a video showing how to boot from a flash drive then the flash drive unlocks the hard drive to boot? I'd like a plausible deniability situation where you could plug in a red flash drive to get to one operating system and a blue flash drive to get to another operating sytsem

An update with encrypted /boot (grub2) would be nice.

Could you please create a video where it goes and grabs the password from else where so it can unlock itself. There is plenty of interest! If you have already created a video addressing that could you please link it.

Does anyone know what happens if I "initialize" luks encrypted drive from windows? I assume it gonna break the header because non initialized drives on windows means they are missing partition table so it thinks it's empty hardware, which on linux is also true as all you will see from lsblk just the drive itself no partition tables until you use cryptsetup to map luks partition first

Hi. Thanks for this. Gonna need to watch it a few times to properly digest it. I did a Linux Mint install with the goal to dual boot. However after a full encryption, I can't resize the partition to create a space for Windows 10. Seems like I need to level up my command line/ terminal kung fu to accomplish this task. Any advice?

if you have a strong password can the hard drive be hacked and file gets into it?

is their any way to add luks encryption to a hard drive without formatting it?

I want to remove harddisk password in deepin os. Please help

How does LUKs work? Is it just a container/ a partition that gets encryptet? Or is is possible to set up that while the system is booting u have to enter the pw ?

cant the disk be encrypted which has some data in it?

Hi, I'd like to know if there's a way to prevent a non root user to access the encrypted drives or partition ?

Please help, how do I remove full disk luks encryption?

bro, do you have tutorial to configure this with Yubikey also?
or anyone can help, please?

how it can encrypt so so so fast.. at 16gb with PGP ... it take several minutes .. this LUKS .. is douind it instantly .. is imposible to encryopt instantly somting...

I can’t access my encrypted disk again on kali.

When installing Linux for the first time it gives you the option to encrypt the drive. So what's the point of this video? Does it mean that the installation encryption is weak or useless?

How do I remove the luks encryption?

After watching about 5 videos, yours was the only one that explained the details of how the full disk encryption works. I was finally able to install Ubuntu on my USB drive. Thank you. However, I had to create 2 volumes, 1 for the boot (unencrypted) and 1 for the OS (encrypted). Is this how it is supposed to be？Is it possible (or necessary) to encrypt the boot partition too?

Hi Lawrence, can you make video data encryption with tang/clevis remote key server github.com/latchset/tang ,github.com/latchset/clevis

Hi root password it is encryption passphrase

overall nice tutorial but u lost me when u used the GUI to setup your luks encryption, CLI only tutorial would have been better so I didn't watch the whole thing.

I can see why the average person would prefer windows. Instead of having the option to just the disk I want to encrypt and set a password I'm faced with 20 minutes of gibberish and code.

WITHOUT FORMATTING !!!! HELLO!!!!???? Doesn't it occur to you that many users have want to encrypt drives WITH DATA?????

21mins of BS...