USB Backup Keys
How to create USB backup keys
Intro
As a developer using Linux, I want to use LUKS encryption on a USB backup device, So that my data remains protected even if the device is lost or stolen.
Purchase
2x portable storage devices
Prerequisites
Perform the same steps below for each portable storage device.
Find block device file
In this example it is /dev/sdb
lsblk # sudo dmesg | tail
sudo parted /dev/sdb
Zero the header
Zero the header to prepare for encryption
# Critical confirm "of" points to the correct block device file
sudo dd if=/dev/zero of=/dev/sdb bs=4M count=1
Remove and re-connect the storage device.
Create partition table
Erase and create a new partition table
sudo fdisk /dev/sdb <<EOF
g
w
EOF
Create partition
Create partition for storing secret materials (example below will use all available space):
sudo fdisk /dev/sdb <<EOF
n
w
EOF
Format partition
Format the partition (Write the passphrase down or memorize it):
echo <PASSWORD> | sudo cryptsetup -q luksFormat /dev/sdb1
Mount partition
Mount the partition:
echo <PASSWORD> | sudo cryptsetup -q luksOpen /dev/sdb1 gnupg-secrets
Create filesystem
Create an ext2 filesystem:
sudo mkfs.ext2 /dev/mapper/gnupg-secrets -L gnupg-$(date +%F)
Unmount and close the encrypted volume
Unmount and close the encrypted volume:
sudo umount /mnt/encrypted-storage
sudo cryptsetup luksClose gnupg-secrets