Encrypting partitions with Linux Unified Key Setup – LUKS
Being able to encrypt individual files can be handy, but it can be quite unwieldy for a large number of files. For that, we need something better, and we have three different methods:
- Block encryption: We can use this either for whole-disk encryption or to encrypt individual partitions
- File-level encryption: We'd use this to encrypt individual directories, without having to encrypt the underlying partitions
- Containerized encryption: Using third-party software that doesn't come with any Linux distribution, we can create encrypted, cross-platform containers that can be opened on Linux, Mac, or Windows machines
The Linux Unified Key Setup (LUKS) falls into the first category. It's built into pretty much every Linux distribution, and directions for use are the same for each. For our demos, I'll use the CentOS virtual machine, since LUKS is now the default encryption mechanism for Red Hat Enterprise Linux 7 and CentOS 7.