*******Filesystem Encryption*************
[root@localhost ~]# fdisk /dev/vdb ##Create a partition, 500M in size
Welcome to fdisk (util-linux 2.23.2).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Device does not contain a recognized partition table
Building a new DOS disklabel with disk identifier 0xaa55007b.
Command (m for help): n
Partition type:
p primary (0 primary, 0 extended, 4 free)
e extended
Select (default p):
Using default response p
Partition number (1-4, default 1):
First sector (2048-20971519, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-20971519, default 20971519): +500M
Partition 1 of type Linux and of size 500 MiB is set
Command (m for help): wq
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
[root@localhost ~]# cryptsetup luksFormat /dev/vdb1 ##Encrypt the partition
WARNING!
========
This will overwrite data on /dev/vdb1 irrevocably.
Are you sure? (Type uppercase yes): YES ##Due to a system bug, YES must be typed in uppercase here
Enter passphrase:
Verify passphrase:
[root@localhost ~]# cryptsetup open /dev/vdb1 sumin ##Once unlocked, the container is named sumin
Enter passphrase for /dev/vdb1:
[root@localhost ~]# ll /dev/mapper/sumin ##The unlocked container appears under the mapper directory by default
lrwxrwxrwx. 1 root root 7 4月 22 21:18 /dev/mapper/sumin -> ../dm-0
[root@localhost ~]# mkfs.xfs /dev/mapper/sumin
meta-data=/dev/mapper/sumin isize=256 agcount=4, agsize=31872 blks
= sectsz=512 attr=2, projid32bit=1
= crc=0
data = bsize=4096 blocks=127488, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=0
log =internal log bsize=4096 blocks=853, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
[root@localhost ~]# mount /dev/mapper/sumin /mnt/ ##Mount the unlocked container on /mnt
[root@localhost ~]# cd /mnt/
[root@localhost mnt]# ls
[root@localhost mnt]# touch file{0..9} ##Create new files under /mnt
[root@localhost mnt]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3807184 6666716 37% /
devtmpfs 927072 0 927072 0% /dev
tmpfs 942660 140 942520 1% /dev/shm
tmpfs 942660 17064 925596 2% /run
tmpfs 942660 0 942660 0% /sys/fs/cgroup
/dev/mapper/sumin 506540 25656 480884 6% /mnt
[root@localhost mnt]# cd
[root@localhost ~]# umount /mnt/
[root@localhost ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3805232 6668668 37% /
devtmpfs 927072 0 927072 0% /dev
tmpfs 942660 140 942520 1% /dev/shm
tmpfs 942660 17064 925596 2% /run
tmpfs 942660 0 942660 0% /sys/fs/cgroup
[root@localhost ~]# cd /mnt/
[root@localhost mnt]# ls
[root@localhost mnt]# mount /dev/mapper/sumin /mnt/ ##Mount again after unmounting
[root@localhost mnt]# ll /dev/mapper/
total 0
crw-------. 1 root root 10, 236 4月 22 21:01 control
lrwxrwxrwx. 1 root root 7 4月 22 21:19 sumin -> ../dm-0
[root@localhost mnt]# umount /mnt/
[root@localhost mnt]# ll /dev/mapper/
total 0
crw-------. 1 root root 10, 236 4月 22 21:01 control
lrwxrwxrwx. 1 root root 7 4月 22 21:19 sumin -> ../dm-0
[root@localhost mnt]# cryptsetup close sumin ##Close the unlocked container
[root@localhost mnt]# ll /dev/mapper/
total 0
crw-------. 1 root root 10, 236 4月 22 21:01 control
[root@localhost mnt]# cryptsetup open /dev/vdb1 sumin ##Reopen (unlock) the container
Enter passphrase for /dev/vdb1:
[root@localhost mnt]# mount /dev/mapper/sumin /mnt/ ##Mount the unlocked container again
[root@localhost mnt]# cd /mnt
[root@localhost mnt]# ls
file0 file1 file2 file3 file4 file5 file6 file7 file8 file9 ##The files created earlier are shown
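
The session above shows that after `umount` the mapping /dev/mapper/sumin still exists, so the plaintext device stays readable until `cryptsetup close` runs. The following is an added example, not part of the original page: it reports which of the three states a mapping is in and locks it in the correct order. The function names `luks_state` and `luks_lock` and the `MAPPER_DIR` / `MOUNTS` override variables are assumptions made for this example.

```shell
#!/bin/sh
# Added example: classify a LUKS mapping as mounted, unlocked or locked.
# MAPPER_DIR and MOUNTS are hypothetical overrides so the logic can be run
# against constructed data; the defaults are the real system locations.
MAPPER_DIR="${MAPPER_DIR:-/dev/mapper}"
MOUNTS="${MOUNTS:-/proc/mounts}"

# luks_state NAME -> prints mounted | unlocked | locked
luks_state() {
    name="$1"
    node="$MAPPER_DIR/$name"
    # No mapper node: the mapping is closed and the data is only on disk
    # in encrypted form. -L also catches a dangling symlink.
    if [ ! -e "$node" ] && [ ! -L "$node" ]; then
        echo locked
        return 0
    fi
    # The first field of each mounts line is the source device.
    if awk -v dev="/dev/mapper/$name" \
           '$1 == dev { found = 1 } END { exit !found }' "$MOUNTS"; then
        echo mounted
    else
        # Unmounted but still open: the state seen after "umount /mnt/"
        # and before "cryptsetup close sumin" in the session above.
        echo unlocked
    fi
}

# luks_lock NAME -> unmount if needed, then close the mapping.
luks_lock() {
    case "$(luks_state "$1")" in
        mounted)  umount "/dev/mapper/$1" && cryptsetup close "$1" ;;
        unlocked) cryptsetup close "$1" ;;
        locked)   : ;;   # already closed, nothing to do
    esac
}
```

Running `luks_state sumin` after each step of the session gives `mounted`, then `unlocked` after `umount`, then `locked` after `cryptsetup close sumin`.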