System used:
Code: Select all
Linux debian 4.9.0-6-amd64 #1 SMP Debian 4.9.88-1+deb9u1 (2018-05-07) x86_64 GNU/Linux
This assumes the device is /dev/sdb.
Everything must be done as root.
Partition disk if needed by setting up a Linux lvm partition:
Code: Select all
$ cfdisk /dev/sdb
Code: Select all
$ fdisk /dev/sdb
Code: Select all
$ dd if=/dev/zero of=/dev/sdb bs=4M
Code: Select all
$ cryptsetup luksFormat /dev/sdb1
Code: Select all
$ cryptsetup luksOpen /dev/sdb1 backup # creates /dev/mapper/backup
Code: Select all
$ mkfs.xfs /dev/mapper/backup # install "xfsprogs" if absent
Allow device, if present, to be mounted automatically at boot, and be prompted for password.
Create mountpoint, e.g. /backup
Code: Select all
$ mkdir /backup
Code: Select all
$ blkid
$ ls -lha /dev/disk/by-uuid
$ lsblk -f
Code: Select all
$ lsblk -f
sdb
└─sdb1 crypto_LUKS e616b645-de31-46d0-9cf6-82e10d4f861b
└─backup xfs b9931a95-3197-41d4-943f-69af29fc6eb8
Code: Select all
backup UUID=<uuid of /dev/sdb1> none luks,nofail
Add the encrypted file system to /etc/fstab:
Code: Select all
/dev/mapper/backup /backup xfs nofail,noatime,rw,user,x-systemd.device-timeout=30 0 2
Mount all with:
Code: Select all
mount -a
3. ALLOW USERS TO WRITE TO EXTERNAL HARD DRIVE
Allow users to read and write to the external harddrive without changing ownership and permissions of the mountpoint /backup when the device is not mounted.
As root, mount /backup and then change ownership as needed. For instance:
Code: Select all
$ mount /backup
$ chown user:users /backup
Code: Select all
$ ls -ld /backup
drwxr-xr-x 3 user users 57 jui 11 00:46 /backup
Code: Select all
$ ls -ld /backup
drwxr-xr-x 2 root root 4096 jui 10 20:05 /backup
Hope this is useful. Comments and additional tips are welcome.