he drive I am using here is a USB drive that has been mounted and encrypted on my laptop running RHEL6 (Red Hat Enterprise Linux 6). I want to mount on a server also running RHEL6.

I run dmesg and I can see that the server recognises it as /dev/sdb:

dmesg
etc...
USB Mass Storage support registered.
usb-storage: device scan complete
scsi 2:0:0:0: Direct-Access     Maxtor 6 Y120M0                PQ: 0 ANSI: 2 CCS
scsi 2:0:0:1: Direct-Access     WDC WD50 00AAKS-00YGA0         PQ: 0 ANSI: 2 CCS
scsi 2:0:0:0: Attached scsi generic sg1 type 0
scsi 2:0:0:1: Attached scsi generic sg2 type 0
sd 2:0:0:0: [sda] 240121728 512-byte logical blocks: (122 GB/114 GiB)
sd 2:0:0:1: [sdb] 976773168 512-byte logical blocks: (500 GB/465 GiB)

etc….

 

The operating system needs a device to talk to the under-lying encryption, to create this device on the new server we can use the cryptsetup utility. I am going to call the disk device d500.

 

cryptsetup luksOpen /dev/sdb1 d500

 

We can now look for the new device:

ls /dev/mapper/
control  d500  vg_lump-lv_root  vg_lump-lv_swap

 

Before we mount the disk we need a directory to mount it to.

mkdir /mnt/d500

 

Then mount the disk:

mount /dev/mapper/d500 /mnt/d500

 

We can also see the disk is now mounted:

df -h
/dev/mapper/d500      459G  198M  435G   1% /mnt/d500

 

If we want the disk to automatically mount upon boot we need to create an entry in /etc/fstab

If you need this to survive a reboot then an entry needs to be entered in /etc/crypttab so that the dev/mapper device is created at every reboot.

The fields are:

Name (that will be created under /dev/mapper/[name])   Device (often identified by UUID) and options (such as password to decrypt)

You can get the UUID by running the command

blkid

This will give you by default the UUIDs of all devices on the system.

You can then edit

/etc/crypttab

then add something like:

d500    UUID=2e23233fc-2323-49ba-a239-2872642-fd733219 none

Then when the system boots it will ask for the relevant password.