luksit/README.md

# luksit

luks-encrypt an entire hard drive using a randomly-generated keyfile.  

## Origins

I based on a tutorial on [a github gist](https://gist.github.com/naomik/5428370#automountable) that's now down.  I found [a cached version](https://cc.bingj.com/cache.aspx?q=gist.github.com%2fnaomik%2f5428370&d=4747553971309591&mkt=en-US&setlang=en-US&w=g3oSGW8fFuVu8BTwP-yHy3zUj9TRWMZz) on bing.  That original tutorial can be found in `original-tutorial.md`.

## Installation

### Linux & friends

```sh
git clone https://gitea.gf4.pw/ki9/luksit.git /usr/local/src/luksit
ln -s /usr/local/src/luksit/luksit /usr/local/bin/luksit
```

## Usage

> **WARNING!** This program will wipe any drive you feed it and replace it with an empty luks-encrypted filesystem.  Always read command line prompts before typing 'y'.  Always double-check the device filename.  Always keep backups of your important data.  I am not responsible for misuse of this program.  

First, find the device name of the target drive.  I use the `lsblk` command.  Others prefer `fdisk -l`.  Check and double check.  If you go by the size, ensure you have no other drives of that size.  

Assuming the target device file is `/dev/sdf`, you can create a luks-encrypted ext4 filesystem on that drive by running this command.  You can change `mydrive` to something more memorable.  The decryption key will be saved to `/root/luks/mydrive.key` unless you modify the `$KEYDIR` var in the script.  

```sh
luksit sdf mydrive ext4
```

### Mounting on boot

The script does not yet support adding lines to `/etc/fstab` or `/etc/crypttab`.  Consult the "automountable" section in `original-tutorial.md` for help with automounting the drive.
Initial commit 2021-07-05 19:17:27 -06:00			`# luksit`

			`luks-encrypt an entire hard drive using a randomly-generated keyfile.`

			`## Origins`

			I based on a tutorial on [a github gist](https://gist.github.com/naomik/5428370#automountable) that's now down. I found [a cached version](https://cc.bingj.com/cache.aspx?q=gist.github.com%2fnaomik%2f5428370&d=4747553971309591&mkt=en-US&setlang=en-US&w=g3oSGW8fFuVu8BTwP-yHy3zUj9TRWMZz) on bing. That original tutorial can be found in `original-tutorial.md`.

			`## Installation`

			`### Linux & friends`

			```sh
			`git clone https://gitea.gf4.pw/ki9/luksit.git /usr/local/src/luksit`
			`ln -s /usr/local/src/luksit/luksit /usr/local/bin/luksit`
			```

			`## Usage`

			`> WARNING! This program will wipe any drive you feed it and replace it with an empty luks-encrypted filesystem. Always read command line prompts before typing 'y'. Always double-check the device filename. Always keep backups of your important data. I am not responsible for misuse of this program.`

			First, find the device name of the target drive. I use the `lsblk` command. Others prefer `fdisk -l`. Check and double check. If you go by the size, ensure you have no other drives of that size.

			Assuming the target device file is `/dev/sdf`, you can create a luks-encrypted ext4 filesystem on that drive by running this command. You can change `mydrive` to something more memorable. The decryption key will be saved to `/root/luks/mydrive.key` unless you modify the `$KEYDIR` var in the script.

			```sh
			`luksit sdf mydrive ext4`
			```

			`### Mounting on boot`

			The script does not yet support adding lines to `/etc/fstab` or `/etc/crypttab`. Consult the "automountable" section in `original-tutorial.md` for help with automounting the drive.