Sometimes you need an encrypted partition on a computer for storing sensitive data which should not fall into the wrong hands in case of lost. Here it is described how to create and manage such a partition in the shell.

Prerequisits

sudo apt-get install cryptsetup

Creating encrypted partition

In case of creating a new partition, here ist the command. But notice, that deletes all data on partition:

sudo cryptsetup -y -v luksFormat /dev/sdb1

Identify encrypted partition

Find the luks encrypted partition on the system or attach a portable drive with encrypted partition to the Linux system. All partitions of type LUKS on the system can be identified with:

lsblk -o NAME,FSTYPE,TYPE,MOUNTPOINT | grep crypto_LUKS

Unencrypt partition

Once identified, the partition can be unencrypted and opened:

sudo cryptsetup open /dev/sdb1 unencrypted

You are now requested for the passphrase given at encryption time. After successfully open of the partition, it is attached to the /dev/mapper/unencrypted. Now it must be mounted to the filesystem:

sudo mkdir /mnt/unencrypted
sudo mount /dev/mapper/unencrypted /mnt/unencrypted

Now the unencrypted content of the partition is accessible under /mnt/unencrypted.