Using block device encryption
With block device encryption, data is encrypted and decrypted at the block-device level. The block device can be formatted with a filesystem. Decryption is performed once the filesystem is mounted by the operating system, transparently for users. This type of encryption protects best against media theft and can be used for datafile placement. In this recipe we will add a new disk and implement block-level encryption with Linux Unified Key Setup-on-disk-format (LUKS).
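To confirm that a partition such as /dev/sdb1 really carries a LUKS header, and with which cipher, you can read the first bytes of the device. The script below is an added example, not part of the original recipe; it assumes the LUKS1 header layout (magic, version, cipher name, cipher mode, hash spec), and its function names and the sample header it builds are constructed for illustration.

```shell
#!/bin/sh
# Added example: look for a LUKS header at the start of a device or image file.
# Offsets follow the LUKS1 on-disk format:
#   magic(6) version(2) cipher-name(32) cipher-mode(32) hash-spec(32)

LUKS_MAGIC_HEX="4c554b53babe"   # "LUKS" followed by 0xBA 0xBE

# hex_at FILE OFFSET LENGTH: lowercase hex of LENGTH bytes starting at OFFSET
hex_at() {
    dd if="$1" bs=1 skip="$2" count="$3" 2>/dev/null | od -An -v -tx1 | tr -d ' \n'
}

# str_at FILE OFFSET LENGTH: NUL-padded ASCII field with the padding removed
str_at() {
    dd if="$1" bs=1 skip="$2" count="$3" 2>/dev/null | tr -d '\000'
}

# luks_version FILE: print the header version; fail if the magic is absent
luks_version() {
    [ "$(hex_at "$1" 0 6)" = "$LUKS_MAGIC_HEX" ] || return 1
    printf '%d\n' "0x$(hex_at "$1" 6 2)"
}

# luks_summary FILE: one line describing the header that was found
luks_summary() {
    ver=$(luks_version "$1") || { echo "no LUKS header found"; return 1; }
    if [ "$ver" -eq 1 ]; then
        echo "LUKS1 $(str_at "$1" 8 32)-$(str_at "$1" 40 32) hash=$(str_at "$1" 72 32)"
    else
        # LUKS2 keeps the cipher in its JSON metadata area, not at fixed offsets
        echo "LUKS$ver (cipher is recorded in the JSON metadata area)"
    fi
}

# make_sample_luks1 FILE: write a constructed 104-byte LUKS1 header prefix
make_sample_luks1() {
    {
        printf 'LUKS\272\276\000\001'
        printf 'aes';         dd if=/dev/zero bs=1 count=29 2>/dev/null
        printf 'xts-plain64'; dd if=/dev/zero bs=1 count=21 2>/dev/null
        printf 'sha256';      dd if=/dev/zero bs=1 count=26 2>/dev/null
    } > "$1"
}

# When a path is given (for example /dev/sdb1, read as root), report on it.
[ "$#" -eq 0 ] || luks_summary "$1"
```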
Getting ready
All steps will be performed with nodeorcl1 as root.
How to do it...
Shut down nodeorcl1, then add a new disk to the nodeorcl1 system and boot it. Our new device will be seen by the operating system as /dev/sdb. Next, create a new partition /dev/sdb1 using fdisk as follows:
[root@nodeorcl1 ~]# fdisk /dev/sdb
WARNING: DOS-compatible mode is deprecated. It's strongly recommended to switch off the mode (command 'c') and change display units to sectors (command 'u...