The cryptsetup command is a utility in Linux that is used to create and manage encrypted block devices. It allows you to set up encrypted disks, partitions, and other types of block devices, and provides tools for managing and accessing these devices.
To use the cryptsetup command, you will need to specify the name of the block device that you want to create or manage, as well as various options and arguments that control the behavior of the command.
For example, to create an encrypted block device:
# cryptsetup luksFormat DEVICE
This will create a new encrypted block device on the specified DEVICE. You will be prompted to enter a password, which will be used to encrypt and decrypt the device.
If you encounter the below error while running the command cryptsetup:
cryptsetup: command not found
you may try installing the below package as per your choice of distribution:
| Distribution | Command |
|---|---|
| Debian | apt-get install cryptsetup-bin |
| Ubuntu | apt-get install cryptsetup-bin |
| Alpine | apk add cryptsetup |
| Arch Linux | pacman -S cryptsetup |
| Kali Linux | apt-get install cryptsetup-bin |
| CentOS | yum install cryptsetup |
| Fedora | dnf install cryptsetup |
| Raspbian | apt-get install cryptsetup-bin |
cryptsetup Command Examples
1. Initialize a LUKS volume (overwrites all data on the partition):
# cryptsetup luksFormat /dev/sda1
2. Open a LUKS volume and create a decrypted mapping at `/dev/mapper/{{target}}`:
# cryptsetup luksOpen /dev/sda1 target
3. Remove an existing mapping:
# cryptsetup luksClose target
4. Change the LUKS volume’s passphrase:
# cryptsetup luksChangeKey /dev/sda1