Encrypting a second hard drive on Ubuntu after installation

Created:

Introduction: finding the new hard drive

First we need to detected the hard drive, execute fdisk:

sudo fdisk -l

The output should list all hard drivers:

Disk /dev/sda: 27.2 GiB, 29201285120 bytes, 57033760 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xee0a4d6a

Device     Boot   Start      End  Sectors  Size Id Type
/dev/sda1  *       2048   999423   997376  487M 83 Linux
/dev/sda2       1001470 57032703 56031234 26.7G  5 Extended
/dev/sda5       1001472 57032703 56031232 26.7G 83 Linux


Disk /dev/sdb: 299.3 GiB, 321347125248 bytes, 627631104 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes

In my case I added the /dev/sdb.

Create a new encrypted partition

With fdisk or gparted create a new partition, in our example we will use sdX1. Now encrypt the partition:

sudo cryptsetup -y -v luksFormat /dev/sdX1

If everything was successfully you will see:

This will overwrite data on /dev/sdb1 irrevocably.

Are you sure? (Type uppercase yes): YES
Enter passphrase:
Verify passphrase:
Command successful.

Open and format new partition

First we need to open the encrypted partition with luksOpen. Once the encrypted partition is open we are ready to format it with ext4.

sudo cryptsetup luksOpen /dev/sdX1 sdX1_crypt
sudo mkfs.ext4 /dev/mapper/sdX1_crypt

Now you are ready to use the partition as always, for example to mount it:

sudo mount /dev/mapper/sd?X_crypt /<mount-point>

Next time you reboot the computer execute:

sudo cryptsetup luksOpen /dev/sdX1 sdX1_crypt
sudo mount /dev/mapper/sd?X_crypt /<mount-point>