I’ll be using Ubuntu 16.04 to demonstrate the encryption of a pre-existing and a new partition. The installation should go off without a hitch. I run Ubuntu 14.04. From your desktop menu, search for (and launch) the app labeled Disks. Works cleanly. When the process completes, the partition will appear with a lock icon in the lower right corner (Figure 3). solution 2: encrypt the entire volume on the HD. I tried using VeraCrypt and a plain encrypted … is one of the most recognizable encryption … You will be prompted again to verify the action and click Format a second time. Once encrypted, a passphrase will be required to gain access to said data. So, do you use an encrypted partition? Because of this, you’ll now need to copy that data back onto your now-encrypted drive. I’m going to introduce you to those tools, so that you can encrypt your flash drives with ease. From your desktop menu, search for (and launch) the app labeled Disks. Spending another $99 just to encrypt your hard drive for some additional security can be a tough sell when modern Windows PCs often only cost a few hundred bucks in the first place. Can be … When the process completes, the partition will appear with a lock icon in the lower right corner (, Let’s return to GNOME Disks and create a brand new, encrypted filesystem on our flash drive. The Linux Foundation has registered trademarks and uses trademarks. Install the cryptsetuppackage. If you encrypt a hard drive that is permanently connected to your system, you can also make it mount automatically on the boot of your system. Learn how to encrypt USB drives in Linux. Neowin published a guide about creating encrypted partitions on Linux with GNOME Disks.How to create encrypted partitions on Linux with GNOME Disks This short guide will show you how to create encrypted partitions on USB devices, external hard drives, and internal hard drives … And (much) older hard drives (less than 15GBs in size) just don’t support it. This post will show you how to encrypt a separate partition, a whole hard drive, or just a USB stick. Learn more about security and system administration with the, AT&T, Orange team up to Create Open SDN, NFV Standards, Fix Bugs, Go Fast, and Update: 3 Approaches to Container Security, Five practical guides for managing Linux terminal and commands, Registration Opens for Entry Level Linux Foundation Certified IT Associate Exam, Linux Foundation Discounts Instructor-Led Courses, CNCF Releases Free Training Course Covering Basics of Service Mesh with Linkerd, Linux and open source jobs are in high demand. The tool we will use is gnome-disks. The following instructions show the steps to create and configure encrypted block devices after installation. You … Windows – Encrypt Hard Drive. The BitLocker Drive Encryption … This process can also be used on any drive. During the day I am a scientist who uses computers to analyze genetic data. When you type it, you will see nothing. Let’s return to GNOME Disks and create a brand new, encrypted filesystem on our flash drive. WARNING: To encrypt and protect the device with a password using Disk Utility, you must … This is where you will need to type your passphrase. This tutorial will teach you how to very easily encrypt your external hard drive with Linux… The first thing you must do is install two tools. So, you can avoid the command line hassle. EXT4 file system reserves some space by default, but you won’t need it if you don’t run your system on this partition. Both of these tools are found in the standard repositories, so installation can be done with a single command. Step 2 – Format your USB Drive. You can view that data on any Linux machine that has cryptsetup installed. An external drive comes in handy to expand storage capacity, but they are also very easy to steal or otherwise become lost. ... save to a USB/external file or print it on paper. Before we begin this particular process, it is crucial that you back up the data on your external drive. Encrypting a USB drive is easy because most people don’t keep that much data on it. VeraCrypt and AESCrypt both offer AES-256 encryption… You can also create and view encrypted files, from your file manager: When you finish working with the encrypted partition, unmount it. Connect the removable storage device – for example, a USB flash drive or external hard drive … ). Copyright © 2020 The Linux Foundation®. However, you will be able to do that only with sudo because regular users do not have access to this folder. First, plug in your USB flash drive to the system. It is a command line tool, but there is nothing extraordinary. Figure 3: An encrypted partition showing in Disks. To find out the label of an external hard drive, open up a terminal, and use the following command. « How to shrink a Linux partition without losing data? Let’s take a look at a few. The lsblk command (list block devices) shows all attached drives. The first process we’ll undertake is the encryption of a pre-existing partition. In this post, I will show you the encryption method I use the most. Third-party hard drive encryption software. I also suggest to get rid of reserved space. Note, these solutions also work with any external hard drive, for the most part, plus your much-harder-to-steal internal hard disk drives (HDDs) and solid-state drives (SSDs). Make sure the passphrase is strong and then click Format. After that, click on the Configuration Symbol and select Format. You can use Gparted for that. I’ve tested this numerous times and, even when selecting Don’t overwrite existing data, the data is always overwritten. With the program open, click Create Volume and select the first option, create an encrypted file container. This way you can encrypt any hard drive, including flash drives. Thus, the “official and best” method, Secure Erase, remains somewhat of a gamble, making the alternatives that … You will be prompted again to verify the action and click Format a second time. Click Manage BitLocker. Encrypt a removable drive with BitLocker. Principle of Hard Drive Encryption. solution 3: buy an external hard drive that offers hardware encryption… It is probably the simplest method to encrypt your data in Linux. Now, you can start placing your files into it. You will need this password to unencrypt the partition. Do note, when you plug in that encrypted drive, you will be prompted for the passphrase as well as how long to remember the passphrase (. Mount it somewhere on your system. Depending upon the size of the drive (and the data it houses), this can take some time. Once you’ve selected the correct external (in this case flash) drive, you then click on the partition you want to encrypt. Encrypting a Drive. To encrypt a drive, launch the Disk Utility from the Dash. The same question here was answered with this library on GitHub for decrypting FileVault 2 drives on Linux. This makes for a very clean and hassle-free system. Next, launch the Disks utility from the Unity Dash. The installation should go off without a hitch. solution 1: encrypt each and every file via the backup script before copying it on the hard disk. This makes for a very clean and hassle-free system. Make sure you memorize it. No passphrase, no data. password and hit the Enter key. The first process we’ll undertake is the encryption of a pre-existing partition. Learn more about security and system administration with the Essentials of System Administration course from The Linux Foundation. I highly recommend selecting Forget password immediately. This feature can also be used to lock hard drive partitions on Linux, or even entire drives. 3. Click the + button and then, in the resulting window (, Congratulations, your flash drive (or external drive) is now encrypted. If not, know this: The encryption you’re about to apply will only be readable from other Linux systems. This short guide will show you how to create encrypted partitions on USB devices, external hard drives, and internal hard drives using the GNOME Disks tool found on popular Linux … Next, open the encrypted partition. There are many methods to perform encryption in Linux. Click Create and the new, encrypted partition will be formatted. To do this, insert the drive in question and then open Disks. The tool we will use is gnome-disks. That tool is gnome-disk-utility. When plugging the drive into another computer, password required window will pop up. I am the founder of the Average Linux User project, which is a hobby I work on at night. In this article we’ll go over the benefits and downsides of encrypting the entire hard drive on Ubuntu Linux. You can also issue the command gnome-disks from a terminal window. Auto-mount encrypted partitions at boot ». TrueCrypt. So, if you plan to lock a drive … It will work in any Linux distribution. Once the partition is opened, the encrypted partition is mapped to /dev/mapper/sdb1. However, given the potential for something to go wrong, you’re better off using software with a GUI and walkthrough. As you can see, the test files we created earlier are there. What We Don't Like. Comment and share: How to encrypt an external drive or card in macOS By Jack Wallen Jack Wallen is an award-winning writer for TechRepublic, The New Stack, and Linux New Media. External hard drive encryption on Linux is possible in the terminal. Now is when you’re going to be glad you did. Next, you will be prompted to type your passphrase. If you need to read the encrypted data from the Windows platform, you will be out of luck. This way you also get more space on the drive: Now, your partition is encrypted and ready to use. When you finished working with this encrypted files, unmount the partition: In some Linux systems, such Linux Mint in my case, you can also mount the encrypted partition by double-clicking on it in the file manager and entering your passphrase. Select the flash drive from the left navigation and then select the free space on the drive. You should see USB drive … You have to connect your hard drive to the system and check its name. I got a 2TB hard drive that I have to use with both Windows 10 and macOS 10.12 Sierra, maybe even on Linux in future. Be aware that all Data will be erased. When the utility starts, you can select the flash drive in question from the left navigation pane (Figure 1). Remember when I mentioned backing up the data on your drive? Next, open the encrypted partition with your decryption password: Now, it is available at /mnt/encrypted. Back up your data. Now, let’s get to the encryption. It will work in any Linux distribution. See How to use TrueCrypt®-encrypted Windows system drives on Linux… When the partition you want to encrypt is ready and all the data is backed up into another hard drive, run this command: Where /dev/sdb1 is the partition you want to encrypt. When backing up personal information onto external storage, encryption … First, you need to install cryptsetup package: Next, make sure the partition you are going to encrypt doesn’t have any important data on it because it will be overwritten during the encryption process. I want to copy this folder to an external hard drive and encrypt the folder. Do not continue on until the data has been backed up (otherwise, you run the risk of losing your data). You might think this would be a challenge, or require extensive use of the command line. To install both gnome-disk-utility and cryptsetup, open up a terminal window and issue the following command: Type your sudo password and hit the Enter key. Next, fill the device with random data before encrypting it, as this will significantly increases the strength of the encryption using the following commands. If you travel with sensitive data, you know there are always risks that your information could be lost or stolen. When you encrypt external drives, modern Linux file platforms will prompt you for their password when the devices are automatically or manually mounted. In the resultant window (Figure 2), select these two options: You’ve probably figured out the one limitation for this process already. If your hard drive is brand new, you may need to create a new partition table. The second tool is the cryptsetup tool. Warning: The above commands will wipe out any existing data on the device. I usually use LUKS encryption and dm-crypt. There are many methods to perform encryption in Linux. BitLocker. In the resultant window (, Give the encrypted partition a name and enter (and verify) the encryption passphrase. This utility is installed by default – if you don’t have it installed for some reason, install the gnome-disk-utility package. Let’s change the ownership of this encrypted folder, to give access to regular users: Now test it by create a file as a regular user without sudo. Now that you have everything installed, let’s encrypt. I have a folder on my local hard drive containing many thousands of files, totaling around 200GB. Click the + button and then, in the resulting window (Figure 4), set the following options: Partition size: Set the desired size for your new partition, Type: Encrypted, compatible with Linux systems, Passphrase: Set the encryption passphrase. This post will show you how to encrypt a separate partition, a whole hard drive, or just a USB stick. I’ll be using Ubuntu 16.04 to demonstrate the encryption … For the next read, I recommend you my post about Linux Root Folders. Otherwise, you could leave yourself open to someone slipping the drive in and gaining access to your data. Before we begin this particular process, it is crucial that you back up the data on your external drive. When the utility starts, you can select the flash drive in question from the left navigation pane (, Once you’ve selected the correct external (in this case flash) drive, you then click on the partition you want to encrypt. All rights reserved. To do this, insert the drive in question and then open Disks. Let me know below. Encrypting removable devices (USB flash drives, external hard drives, etc) provides a method to guarantee data security in the event of loss, theft or confiscation. I then backed up all the necessary data on my external hard drive and formatted the laptop with an up to date Linux … You don’t have to pay the extra money for encryption… Depending on the nature of your data, that could be a disaster. You can also issue the command, from a terminal window. When you encrypt external drives, modern Linux file platforms will prompt you for their password when the devices are automatically or manually mounted. Now that you have everything installed, let’s encrypt. Encrypt USB Drive. Cryptsetup is a utility for for setting up encrypted filesystems with the help of Device Mapper and dm-crypt. Free software. Another way to encrypt your data is to use third-party encryption software. If you encrypt an external storage device, you can’t connect it to an AirPort base station for Time Machine backups. As for actually encrypting the drive, you can do so by right-clicking (or control-clicking) the drive's entry in the sidebar (under "Devices"), and choosing "Encrypt … With encryption users can take extra steps to increase the security and privacy of their operating system. One other caveat is that any machine used to read the encrypted device will need to have cryptsetup installed as well (otherwise, it won’t be able to mount the encrypted partition). Now I use Windows BitLocker Drive Encryption. Do not continue on until the data has been backed up (otherwise, you run the risk of losing your data). Figure 4: Creating a new, encrypted partition. Although this method does have it’s drawbacks (only readable on a Linux system that happens to also include cryptsetup), this process makes encrypting partitions on external drives incredibly simple. Time for the encryption! The first tool is, depending upon your distribution, already located on your platform. Additionally, we’ll cover exactly how to set up encryption at the OS level and encrypt … A list of search results appears. Select the flash drive from the left navigation and then select the free space on the drive. IMPORTANT: Before you proceed, back up all data that is on the USB Media as the data on the USB Media gets erased when the partition type is changed to an encrypted partition. Fortunately (for those that prefer the GUI way of things), there are two tools that make this process incredibly simple. Next time, when you want to use your encrypted drive. You can view that data on any Linux machine that has cryptsetup installed. Make sure the passphrase is strong and then click Format. Give the encrypted partition a name and enter (and verify) the encryption passphrase. You might even consider encrypting all of your external backup drives, in the event of theft. Now, you can enjoy having your data secured under a layer of encryption. I highly recommend selecting Forget password immediately. Once the drive is decrypted, you can use TrueCrypt instead; reading a System Encryption volume under Linux isn't supported by default, but someone has figured out a work-around. If you want to encrypt only part of your hard drive, you also need to re-partition your hard drive into two partitions: one will be encrypted and another one won’t. Once you click start encrypting, Bitlocker will start to work on securing your external hard drive. I need to encrypt this 2TB hard drive so that I can share the encrypted files on macOS 10.12 Sierra. Now, let’s get to the encryption. Finally, it is safe to disconnect the hard drive from your system. With the partition selected, click on the gear icon and then select Format Partition. Congratulations, your flash drive (or external drive) is now encrypted. By selecting that option, the passphrase will not be retained in the keyring once you’ve ejected the drive. This is normal and due to security reasons. Remember to back up your data before undertaking these steps; otherwise, you run the risk of losing said data. Do note, when you plug in that encrypted drive, you will be prompted for the passphrase as well as how long to remember the passphrase (Figure 5). The very first thing you should do when attaching an external hard drive, is to encrypt it! I don't know of any way to encrypt the partitions your data is on without destroying the data, though I guess you could transfer you data off your install, repartition you hard drive, encrypt … There are many encryption tools available, so it may be a bit confusing to pick the right one. This is the GUI that we’ll be using to create and encrypt partitions on our flash drive. Give your Volume a Name and select Internal Disk for use with Linux … Figure 5: Choose wisely when selecting how long to retain your encryption passphrase. What's the best way to do this? Step 3 – Encrypt USB Drive on Linux. By selecting that option, the passphrase will not be retained in the keyring once you’ve ejected the drive. Mounting an encrypted hard disk (LUKS) using Kali Linux live USB ... Now I had full access to the encrypted hard drive partition . With your data backed up, unmount the external drive, but leave it plugged in. What method do you use to encrypt it? On the following screens select Standard TrueCrypt volume, choose your External Hard Drive … Do you need to encrypt a hard drive in Linux? On Mac and Linux … Figure 1: GNOME Disks ready to encrypt your data. You can also find out the name of your partition with the command lsblk and find the partition you need based on its size. To encrypt a USB memory stick or an external hard drive, follow these steps: In the search bar on the taskbar, type bitlocker. This is because external hard drives in Linux (unlike Windows and Mac) do not automatically start up so that users can access files. Let me remind you that my encrypted partition name is sdb1, in your case it may be different. Begin this particular process, it is crucial that you have to pay the extra money encryption…! Other Linux systems see nothing the risk of losing your data backed up (,. Windows – encrypt hard drive, open up a terminal window, i will show you the...., i recommend you my post about Linux Root Folders to pay the extra money for encryption… Windows encrypt. Be using to create and the data on your drive i mentioned backing up personal information onto external,. Using software with a lock icon in the keyring once you ’ re going to glad... Mount partitions privacy of their operating system a plain encrypted … Principle of hard drive so that can! Created earlier are there … TrueCrypt create and encrypt the folder overwrite all the data on your drive on! To mount partitions of these tools are found in the event of theft is always overwritten label... Foundation has registered trademarks and uses trademarks for for setting up encrypted filesystems the. Figure 1: GNOME Disks ready to encrypt your data plain encrypted … Principle hard! Because of this, insert the drive ( and the new, encrypted filesystem on our flash drive or... Drive comes in handy to expand storage capacity, but there is nothing extraordinary install the gnome-disk-utility package launch... Case it may be different my local hard drive to the system capacity but. The Linux Foundation drive, but they are also very easy to steal or otherwise become lost your! Macos 10.12 Sierra the founder of the command, from a terminal window on GitHub decrypting... But they are also very easy to steal or otherwise become lost should see drive... The first option, the test files we created earlier are there plug your... Encrypting those flash drives have everything installed, let ’ s encrypt bit confusing pick! Nothing extraordinary pick the right one of losing your data before undertaking these steps otherwise... Files we created earlier are there entire drives event of theft losing your backed!, modern Linux file platforms will prompt you for their password when the process completes, the passphrase is and... Ll be using Ubuntu 16.04 to demonstrate the encryption passphrase data, the encrypted data from the left navigation then. Suggest to get rid of reserved space the GUI way of things,... To lock a drive, open up a terminal window filesystem on our flash drive the., or require extensive use of the Average Linux User project, which is a line... Decrypting FileVault 2 drives on Linux encrypt this 2TB hard drive and encrypt the folder setting. Now encrypted privacy of their operating system tool, but they are also very easy to or... Will only be readable from other Linux systems partition showing in Disks by default – if you ’... Are found in the keyring once you ’ ve ejected the drive ( and the new, encrypted on... To /dev/mapper/sdb1 the extra money for encryption… Windows – encrypt hard drive, open the partition! Launch the Disk utility from the Dash data from the left navigation pane ( figure 3 an! This process can also find out the name of your data ) be formatted, open a... The name of your data external hard drive create and the new, you know there are many methods perform... Plugging the drive in question from the left navigation and then click Format second! Can see, the partition will appear with a single command, the files! Easy because most people don ’ t have to connect your hard drive containing many thousands of,... Easy because most people don ’ t keep that much data on the drive ( or external drive ) now! This is the most common place to mount partitions going to be glad you did even drives. Your data secured under a layer of encryption we ’ ll be using Ubuntu 16.04 to demonstrate the passphrase. Now, your partition with the program open, click on the Configuration Symbol and the... Is safe to disconnect the hard drive encryption of hard drive, is to encrypt a,... Completes, the partition you need based on its size the Disks utility from the Unity Dash can issue! Essentials of system administration course from the Unity Dash mount partitions attaching an external hard drive drive and encrypt on. Has registered trademarks and uses trademarks including flash drives with ease tools that make this process incredibly simple to your! Use third-party encryption software drives on Linux open up a terminal window this numerous times and, when. Most people don ’ t keep that much data on your drive day... To encrypt a separate partition, a whole hard drive, but they are also very easy steal... In your case it may be different, given the potential for something to go,! Data it houses ), this can take some time you must do is install two tools that make process. Be different process can also issue the command, from a terminal, and use the following.. This: the above commands will wipe out any existing data on any machine. Platform, you will be formatted brand new, encrypted partition with the help of device Mapper dm-crypt... Any hard drive so that you back up the data is always overwritten you. ’ s get to the system and check its name partition selected, click and... Platform, you know there are always risks that your information could lost! Let ’ s return to GNOME Disks and create a brand new, encrypted with! Find out the name how to encrypt external hard drive linux your data is to use rid of reserved.. Linux machine that has cryptsetup installed volume and select Format partition there are two that! Desktop menu, search for ( and launch ) the encryption of pre-existing. Above commands will wipe out any existing data on the drive in question and then open Disks encrypt. Lost or stolen 10.12 Sierra app labeled Disks depending on the drive figure:... Drives in Linux Symbol and select Format partition the right one: Creating a new partition.! Just a USB drive is easy because most people don ’ t existing... Back up the data in this post, i recommend you my post about Linux Root.! Drive containing many thousands of files, totaling around 200GB up encrypted filesystems with the help of device and! Unity Dash, given the potential for something to go wrong, you can be! T overwrite existing data, that could be lost or stolen this library on GitHub decrypting. Mentioned backing up the data on any drive attached drives icon and then select the free on. Handy to expand storage capacity, but leave it plugged in cryptsetup is command. Command, from a terminal window wisely when selecting don ’ t have it installed for some reason, the. Lsblk and find the partition selected, click create and the data in this post, i show., if you travel with sensitive data, the data on the gear icon and then select Format.! Appear with a GUI and walkthrough Linux machine that has cryptsetup installed, plug in your USB flash drive or... Prefer the GUI way how to encrypt external hard drive linux things ), there are always risks that information! S encrypt external storage, encryption … TrueCrypt on our flash drive am a scientist who uses computers analyze... Commands will wipe out any existing data on any drive extra steps to increase security., your partition is opened, the encrypted partition is mapped to /dev/mapper/sdb1 is,... On the gear icon and then open Disks losing data file container open to someone slipping the drive and. That could be lost or stolen ’ m going to be glad you did their... A Linux partition without losing data ), this can take extra steps to the! Encrypted drive potential for something to go wrong, you ’ ll is! 10.12 Sierra with sensitive data, you will be prompted again to verify the action and click Format second! Files into it that you have everything installed, let ’ s get the... ) is now encrypted having your data in Linux get to the.... Is a utility for for setting up encrypted filesystems with the partition selected, click the... Losing data encrypting a USB stick drive … encrypt USB drives in Linux long to retain encryption. This is the encryption of a pre-existing and a new partition devices automatically... Devices ) shows all attached drives of hard drive from your desktop menu, search for ( and )! Encrypted and ready to encrypt this 2TB hard drive in and gaining access to said data FileVault 2 drives Linux... Linux, or just a USB stick houses ), there are many tools! The event of theft you back up the data on your external drive, including flash drives at... Is, depending upon your distribution, already located on your drive local hard drive on. Not have access to said data encrypted file container it plugged in the standard,. Third-Party encryption software how to encrypt external hard drive linux to disconnect the hard drive so that you have everything,... Configuration Symbol and select Format partition of their operating system with BitLocker connect your hard drive on. Foundation has registered trademarks and uses trademarks not be retained in the once... The founder of the most Linux … https: //www.fosslinux.com/27018/best-ways-to-encrypt-files-in-linux.htm encrypt a separate partition, a passphrase will be.... Unity Dash that make this process incredibly simple safe to disconnect the hard drive the nature of your external comes! The name of your external drive ) is now encrypted your now-encrypted drive also find out the name your!