Page 1 of 1

Practicing encrypting my VM installation

Posted: 2015/04/14 21:24:01
by Worlder
Hi I'm currently using CentOS 7 on virtual machine (VirtualBox to be exact) as a way of helping me practice my skills at system administration.

My VM's CentOS installation was not encrypted during installation, but now I would like to know how to encrypt, at the very least, the /home directory.

I've checked out various texts on the Internet that talk about encrypting on CentOS/Red Hat/Linux, but the examples tend to differ a lot in the exact details with the only common element being cryptsetup.

By the way, my virtual machine only has one virtual hard disk and I chose automatic partitioning at the time of the installation.

Given this information how would you advise me in encrypting the /home directory.

Re: Practicing encrypting my VM installation

Posted: 2015/04/14 22:35:35
by TrevorH
You can't encrypt a filesystem once it has data on it. The best you can do is create a new partition/logical volume and use luksFormat to encrypt that, make a filesystem on it, mount it, copy your existing data over to it and then flip the mounts so that the encrypted one is mounted on /home.

Re: Practicing encrypting my VM installation

Posted: 2015/04/15 03:48:46
by Worlder
In that case, it seems I still have a lot to learn.

I never really gave a thought to partitions and the LVM. I guess I better get started.

Re: Practicing encrypting my VM installation

Posted: 2015/04/17 17:31:41
by Worlder
I've decided to merge my last thread into this one.

When I followed the instructions on how to encrypt one's home directory according the instructions on the RHEL 7 documentation, I ended up breaking my installation, twice. I ended up booting into emergency mode and being stuck there. Thankfully I was working on a virtual machine and it was good thing that the VM didn't contain any valuable data.

So what I did was reinstall the OS and did the encryption of the /home directory during the installation process.

Things work smoothly now, but I still need to know what I did wrong. I suspect something might have gone awry at or after step 7.