Is there any way to fully encrypt my hard-drive AFTER an installation of Linux Mint?

If you want the entire hard drive encrypted, even the Linux Mint system partitions, swap, your home, the whole works, then I suspect the easiest would be to:

  1. backup your data (the Mint Backup Tool you linked an image to should work, but double-check for files you want backed up that aren't in your home)
  2. reinstall with encryption using the installer (I'm pretty sure it supports system encryption)
  3. then restore your data (home, reinstall programs)

OR

Just encrypt your home folder now with ecryptfs-migrate-home but be sure & read it's man page & should heed it's warnings:

WARNING: Make a complete backup copy of the non-encrypted data to another system or external media. This script is dangerous and in case of an error, could result in data lost, or lock USER out of the system!

...

After a successful migration, the USER really must run ecryptfs-unwrap-passphrase(1) or zescrow(1) and record their randomly generated mount passphrase.

And ecryptfs-setup-swap would encrypt your swap too, if interested.


You can try LUKS to encrypt partition or removable device

You need to install cryptsetup utility

apt-get install cryptsetup

Configure LUKS partition

The following command will remove all data on the partition that you are encrypting.

for example to encrpt /dev/xvdc ,type the following command:

cryptsetup -y -v luksFormat /dev/xvdc

This command initializes the volume, and sets an initial key or passphrase. Please note that the passphrase is not recoverable so do not forget it

Type the following command:

cryptsetup luksOpen /dev/xvdc backup2

You can use the following command to see the status:

cryptsetup -v status backup2

to dump LUKS headers 

cryptsetup luksDump /dev/xvdc

Format LUKS partition

dd if=/dev/zero of=/dev/mapper/backup2

to save time use pv

pv -tpreb /dev/zero | dd of=/dev/mapper/backup2 bs=128M

create file system:

mkfs.ext4 /dev/mapper/backup2

To mount the new filesystem :

mkdir /backup2
mount /dev/mapper/backup2 /backup2 
df -H
cd /backup2
ls -l

to unmount:

umount /backup2

To secure DATA

cryptsetup luksClose backup2

mount or remount encrypted partition

cryptsetup luksOpen /dev/xvdc backup2
mount /dev/mapper/backup2 /backup2
df -H
mount

Tags:

Encryption

Backup

Truecrypt

Recent Posts