Tropenhitze

Kannst du das spüren?

Posts Tagged ‘disk encryption

Creating CRYPTO_LUKS partitions on openSuSE that can be accessed both from Windows and Linux

leave a comment »

This tutorial helps you create create an encrypted partition on your fixed or portable hard drive that can only be accessed by unlocking it with the password that you entered at the time of creation. You might not need a tutorial for this but if you want to access the encrypted CRYPTO_LUKS partition both from Windows and from Linux this tutorial can help you.

For the purposes of this tutorial, I assume the following

  1. You have a new 500GB (just for example) external hard drive, in which you’d like to have two partitions of 250 GB each, one normal and the other one encrypted with CRYPTO_LUKS. This is not an absolute requirement. You can apply this same tutorial on fixed drives, portable drives, thumb drives and so  on.
  2. You have some version of openSuSE installed on your machine. (You don’t need it to be openSuSE actually. You can use the KDE Partition Manager on any Linux platform or you can even do it from a bootable version of KDE Partition Manager available on sourceforge.net)

Steps:

  1. Open the YaST Control Center and open Partitioner
  2. In the Partitioner, you will see the list of hard drives found on your machine. If you have an external hard drive, connect it before opening partitioner
  3. Point to your external hard drive and if there are already partitions on it delete it. (Before deleting it backup any data that might be present on it as the data will permanently get erased)
  4. Now right click on the hard disk and select “add partition”. Let’s say you want this partition to be a normal NTFS partiton that can be accessed both from windows and from Linux
  5. Select primary partition and click on next
  6. Select custom size and enter 250 GB
  7. On the next screen, select “Do not format partition”  and under the check box “File System ID” select “0x07 NTFS” and click on finish. You may later need to log on to windows and format this partition  with windows without enabling compression (or you’ll not be able to access it from Linux).
  8. Now in the partition manager, right click on the external hard disk once again  and select “add partition” and select “primary partition” in the next screen and click “next”
  9. Now select “Maximum size” in the “new partition size” and click “next”.
  10. Choose the option “Format partition” and under the “File System” select “Ext4” and click on the check box Encrypt device and click “Next” and enter a password. (Do not forget this password)
  11. After you have entered a password you’ll be back in the partition manager and now click on  “Next” and you’ll get a summary of the changes. Confirm the changes if you agree by clicking Finish (Warning: This action cannot be undone)
  12. Wait for some time while the Partition Manager performs the requested tasks.
  13. Now if you are using openSuSE, you’ll be able to access both the partitions from Dolphin. But wait, in order to make it accessible both from Windows and Linux you need to follow the below steps
  14. To make it accessible from windows log on to Windows and connect the external hard drive
  15. Now on windows you’ll be shown only the non-encrypted partition. Format it once using NTFS but don’t enable compression (or you won’t be able to access it from Linux)
  16. Now in order to access the encrypted CRYPTO_LUKS partition on Windows you need an open source tool called FreeOTFE, which can be downloaded from here
  17. After you have installed FreeOTFE on Windows, open it and select Mount. There you’ll see all the disks on your system. Find out which is your external hard drive and there you’ll be able to see the encrypted partition.
  18. Click on it, enter the same password that you entered in Step 10 and mount it.
  19. You’ll get the notification that “your partition has been mounted as drive <some drive letter here>”. Acknowledge this message box and only then will you be shown the partition on windows explorer.
  20. Now open the windows explorer and double click on the encrypted partition you just mounted using FreeOTFE.
  21. You will be asked to format it. Format it using NTFS now for once without enabling compression.
  22. Hereafter you can mount the partition using FreeOTFE and access it from windows. Don’t forget to unmount it on FreeOTFE before you shut down or before you remove your disk. This  is very essential.
  23. Now log on to Linux and click on the encrypted partiton, enter the password and you’ll be able to access it from there. If you had copied some files to the encrypted partition while you were on windows, you’ll be able to access it from Linux.

I hope this long tutorial helps.

You can also use the steps mentioned here to create a single encrypted partition on thumb drives that can be accessed both from Linux and from Windows using FreeOTFE. Please drop your comments if my tutorial was very confusing or if you find it useful.

Thank you!

Advertisements