mirror of
https://github.com/ivuorinen/cheatsheet-tldr.git
synced 2026-01-26 11:33:59 +00:00
32 lines
1.2 KiB
Plaintext
32 lines
1.2 KiB
Plaintext
---
|
|
syntax: markdown
|
|
tags: [tldr, linux]
|
|
source: https://github.com/tldr-pages/tldr.git
|
|
---
|
|
# cryptsetup open
|
|
|
|
> Create a decrypted mapping of an encrypted volume.
|
|
> Note: with TRIM enabled, minimal data leakage in form of freed block information, perhaps sufficient to determine the filesystem in use may occur.
|
|
> However, you still most likely want to enable it, because the data inside is still safe and SSDs without TRIM will wear out faster.
|
|
> More information: <https://manned.org/cryptsetup-open>.
|
|
|
|
- Open a LUKS volume and create a decrypted mapping at `/dev/mapper/mapping_name`:
|
|
|
|
`cryptsetup open {{/dev/sdXY}} {{mapping_name}}`
|
|
|
|
- Use a keyfile instead of a passphrase:
|
|
|
|
`cryptsetup open --key-file {{path/to/file}} {{/dev/sdXY}} {{mapping_name}}`
|
|
|
|
- Allow the use of TRIM on the device:
|
|
|
|
`cryptsetup open --allow-discards {{/dev/sdXY}} {{mapping_name}}`
|
|
|
|
- Write the `--allow-discards` option into the LUKS header (the option will then always be used when you open the device):
|
|
|
|
`cryptsetup open --allow-discards --persistent {{/dev/sdXY}} {{mapping_name}}`
|
|
|
|
- Open a LUKS volume and make the decrypted mapping read-only:
|
|
|
|
`cryptsetup open --readonly {{/dev/sdXY}} {{mapping_name}}`
|