External USB Drives in Linux: Difference between revisions
No edit summary |
No edit summary |
||
(5 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Adding external USB drives in Linux is easy. Etch uses hotplug to detect it. Using dmesg you can find out what mountpoint it is (Linux creates a SCSI device to mount to /dev/sdb and the drive will probably be /dev/sdb1). | Adding external USB drives in Linux is easy. Etch uses hotplug to detect it. Using dmesg you can find out what mountpoint it is (Linux creates a SCSI device to mount to /dev/sdb and the drive will probably be /dev/sdb1). NB you can't grep dmesg to find this, you have to look through it because the sd creation doesn't contain the word 'usb'. | ||
/proc/bus/usb/devices shows you information about the connected USB device (you can tell what speed and type of usb device it is from here: | |||
D: Ver= 2.00 Spd=480 | |||
C: MxPwr= 2mA | |||
indicate it's USB 2) | |||
Most USB devices are formatted FAT32 which has a file size limit of 4GB. Because I'm using mine for Netvault backups and the virtual library media is created at sizes much larger than that, there are 2 choices: | Most USB devices are formatted FAT32 which has a file size limit of 4GB. Because I'm using mine for Netvault backups and the virtual library media is created at sizes much larger than that, there are 2 choices: | ||
Line 16: | Line 23: | ||
Test the (unmounted) disk for bad blocks using | Test the (unmounted) disk for bad blocks and write garbage all over each block using | ||
badblocks -c 10240 -s -w -t random -v /dev/sdb | badblocks -c 10240 -s -w -t random -v /dev/sdb | ||
In order to encrypt the whole disk I used this tutorial [http://www.hermann-uwe.de/blog/howto-disk-encryption-with-dm-crypt-luks-and-debian.] | (nb. it's better to use dd if=/dev/urandom of=/dev/sdb but takes much much longer...) | ||
In order to encrypt the whole disk I used this tutorial [http://www.hermann-uwe.de/blog/howto-disk-encryption-with-dm-crypt-luks-and-debian]. There's another one here [http://www.saout.de/tikiwiki/tiki-index.php?page=EncryptedDeviceUsingLUKS]. | |||
Use dmesg and find usb to find out what device the kernel maps the drive to. | |||
apt-get install cryptsetup hashalot | apt-get install cryptsetup hashalot | ||
cfdisk /dev/sdb (if you still need to partition the disk, unlikely though) | cfdisk /dev/sdb (if you still need to partition the disk, unlikely though) | ||
I like fdisk - the disk needs to be set up so that it has a partition on it, as the partitions are encrypted, not the entire disk! So create a primary partition at least... | |||
cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb1 | cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb1 | ||
Open the encrypted device and assign it to a virtual /dev/mapper/YOURNAME device: | Open the encrypted device and assign it to a virtual /dev/mapper/YOURNAME (TripTerra) device: | ||
cryptsetup luksOpen /dev/sdb1 YOURNAME | cryptsetup luksOpen /dev/sdb1 YOURNAME | ||
Line 37: | Line 50: | ||
To mount | To mount | ||
mount /dev/mapper/ | cryptsetup luksOpen /dev/sdb1 YOURNAME | ||
mount /dev/mapper/TripTerra /mnt/ | |||
Line 45: | Line 60: | ||
To unmount | To unmount | ||
umount /mnt/ | umount /mnt/TripTerra | ||
cryptsetup luksClose /dev/mapper/ | cryptsetup luksClose /dev/mapper/TripTerra |
Latest revision as of 12:14, 16 October 2007
Adding external USB drives in Linux is easy. Etch uses hotplug to detect it. Using dmesg you can find out what mountpoint it is (Linux creates a SCSI device to mount to /dev/sdb and the drive will probably be /dev/sdb1). NB you can't grep dmesg to find this, you have to look through it because the sd creation doesn't contain the word 'usb'.
/proc/bus/usb/devices shows you information about the connected USB device (you can tell what speed and type of usb device it is from here:
D: Ver= 2.00 Spd=480
C: MxPwr= 2mA
indicate it's USB 2)
Most USB devices are formatted FAT32 which has a file size limit of 4GB. Because I'm using mine for Netvault backups and the virtual library media is created at sizes much larger than that, there are 2 choices:
ntfs-3G (which Etch doesn't support) and ext3 (which etch does).
Format to ext3 using
mke2fs -T ext3 /dev/sdb1
Then create an /etc/fstab entry
and mount
Test the (unmounted) disk for bad blocks and write garbage all over each block using
badblocks -c 10240 -s -w -t random -v /dev/sdb
(nb. it's better to use dd if=/dev/urandom of=/dev/sdb but takes much much longer...)
In order to encrypt the whole disk I used this tutorial [1]. There's another one here [2].
Use dmesg and find usb to find out what device the kernel maps the drive to.
apt-get install cryptsetup hashalot
cfdisk /dev/sdb (if you still need to partition the disk, unlikely though)
I like fdisk - the disk needs to be set up so that it has a partition on it, as the partitions are encrypted, not the entire disk! So create a primary partition at least...
cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb1
Open the encrypted device and assign it to a virtual /dev/mapper/YOURNAME (TripTerra) device:
cryptsetup luksOpen /dev/sdb1 YOURNAME
mkfs.ext3 -m 1 -O dir_index,filetype,sparse_super /dev/mapper/YOURNAME
To mount
cryptsetup luksOpen /dev/sdb1 YOURNAME
mount /dev/mapper/TripTerra /mnt/
Now it's transparently encrypted
To unmount
umount /mnt/TripTerra
cryptsetup luksClose /dev/mapper/TripTerra