LUKS Disk Encryption Setup (Linux )


We’ll be using an external Western Digital 250GB Passport drive in the example below. Keep in mind, whatever drive you choose is irrelevant, what is most important is that any existing data will be destroyed by this process. Please make a backup first if there is any data currently on it.

Purpose & Scope

The purpose of encryption is to secure your data from people who are not authorised to view, copy or tamper with it. The process described below will create a “wrapper” or “blanket” around the data on your drive. For our purposes we’re going to just encrypt the entire drive, however, it is possible to selectively encrypt partitions of any size. Once the drive is encrypted and disconnected from a computer, your data is safe. While the drive can be reformatted or physically destroyed, the data will not be accessible without your password.

  1. sudo fdisk -l
  2. Output:

  3. sudo cryptsetup luksFormat /dev/sdb1
  4. Output:

  5. sudo cryptsetup luksOpen /dev/sdb1 WD250
  6. Output:

  7. sudo mkfs.ntfs -L WD250 /dev/mapper/WD250
  8. Output:

  9. sudo cryptsetup luksClose WD250
  10. Output:


You can now disconnect the device from your computer, wait a few seconds and reconnect it. You should be prompted to enter the password to unlock and mount the device.

Free LibreCrypt Explorer from: Make sure to read their introduction and installation instructions.
Free Veracrypt from

Free Veracrypt from

Last Modified: 21 Dec, 2015 at 15:16:44