he drive I am using here is a USB drive that has been mounted and encrypted on my laptop running RHEL6 (Red Hat Enterprise Linux 6). I want to mount on a server also running RHEL6.
I run dmesg and I can see that the server recognises it as /dev/sdb:
USB Mass Storage support registered.
usb-storage: device scan complete
scsi 2:0:0:0: Direct-Access Maxtor 6 Y120M0 PQ: 0 ANSI: 2 CCS
scsi 2:0:0:1: Direct-Access WDC WD50 00AAKS-00YGA0 PQ: 0 ANSI: 2 CCS
scsi 2:0:0:0: Attached scsi generic sg1 type 0
scsi 2:0:0:1: Attached scsi generic sg2 type 0
sd 2:0:0:0: [sda] 240121728 512-byte logical blocks: (122 GB/114 GiB)
sd 2:0:0:1: [sdb] 976773168 512-byte logical blocks: (500 GB/465 GiB)
The operating system needs a device to talk to the under-lying encryption, to create this device on the new server we can use the cryptsetup utility. I am going to call the disk device d500.
cryptsetup luksOpen /dev/sdb1 d500
We can now look for the new device:
control d500 vg_lump-lv_root vg_lump-lv_swap
Before we mount the disk we need a directory to mount it to.
Then mount the disk:
mount /dev/mapper/d500 /mnt/d500
We can also see the disk is now mounted:
/dev/mapper/d500 459G 198M 435G 1% /mnt/d500
If we want the disk to automatically mount upon boot we need to create an entry in /etc/fstab
If you need this to survive a reboot then an entry needs to be entered in /etc/crypttab so that the dev/mapper device is created at every reboot.
The fields are:
Name (that will be created under /dev/mapper/[name]) Device (often identified by UUID) and options (such as password to decrypt)
You can get the UUID by running the command
This will give you by default the UUIDs of all devices on the system.
You can then edit
then add something like:
d500 UUID=2e23233fc-2323-49ba-a239-2872642-fd733219 none
Then when the system boots it will ask for the relevant password.