March 28, 2014

Portable Drive encryption with Ubuntu

I haven't used encryption on hard disk drives or pen drives ever. But recently I got a requirement to encrypt some portables disks. And there are some limitations also. After encrypting you would not be able to use that drive on Windows Operating System. You are going to limit to ext4 file system as well.

First you have to install cryptsetup to format your portable drive with encryption. To install cryptsetup run following command on a terminal.
sudo apt-get install cryptsetup
After that you have to open Disk utility application. To open it just search on Unity dash board like below.
 
 Then you will get a window like this.
Click on "Unmount Volume"
Click on "Format Volume". Then you will get a new dialog box like below. Select "Encrypt underlying device" option, before clicking "Format" button.
After that Disk Utility will ask for a pass-phrase to encrypt device. Give a strong pass-phrase and don't forget it! If you forget it, you will loose your all important and confidential data.
Then wait till it format the drive. This may take some time depending on your device capacity.
After completing formatting you will get below window.
Most probably after formatting disk utility will automatically mount your disk without prompting for the password. When you are connecting encrypted disk next time, Ubuntu will prompt for the password like below
Just type the pass-phrase and use your portable drive.
But sometimes Ubuntu will prompt for the pass-phrase. When you are attempting to mount drive you will get below error.
Unable to mount x.x GB Encrypted
Error unlocking device: cryptsetup exited code 5: Device <UUID> already exists.
There is a workaround for this bug. What you have to do first is closing all the applications which is using files on your encrypted device. Even the terminal windows you have to close.
Then run below command on a terminal.
sudo dmsetup remove /dev/mapper/<UUID>
Change the UUID part according to your error message. If you are getting an error like below after running above command, please check whether there are any application which uses your encrypted device. If you have anything running please close it and run above command again!
device-mapper: remove ioctl failed: Device or resource busy
Command failed

2 comments:

  1. Replies
    1. Yes dilan, this works in 12.04. I recommend to use this in archive or backup drives.

      Delete