Assuming you have already configured your partitions on your hard disk, and your hard disk to encrypt is /dev/sda1.
cryptsetup -y -v luksFormat /dev/sda1
cryptsetup luksOpen /dev/sda1 somename
mount /dev/mapper/somename /your/chosen/path
— Do your stuff on your mountpoint /your/chosen/path and when you’re done unmount and close that disk with:
cryptsetup luksClose /dev/mapper/somename
What I’ve omitted here is the overwriting of the mapper-device, which is useful when you want to have extra security: usage pattern attack not possible.
You could of course add specific parameters, but the default is just fine for me. Keep in mind chosing some long password on the first stage, special characters and numbers, etc.
Try to reach 20 characters at least.
Last week on Sunday I had to restart my NAS due to some system updates (new kernel version on Arch Linux) and on the reboot of the system one of my raid hard disks had an error.
First the machine didn’t even boot, because the bios already recognized the error, so I had to put a monitor on it and check what’s up. Continuing booting I got some SATA errors on that one disk and soon my system messaged me that the raid array has a faulty disk. smartctl also mentioned some bad news about the lifetime issues and errors. Well, one disk after six months of 24/7 activity, bad for Seagate and for a server disk with 24/7 on the description…
Ordered two new ones of the same model, twelve euros less than half a year before. Now waiting for the disks, so that I can replace the faulty one and send that brick back for warranty.
No data loss – thanks to raid5.
- SuperMicro Intel Atom embedded board (forgot the exact spec, if interested I’ll search for it) , 4GB RAM
- 64GB SSD for system
- 4x 2TB “Seagate ST2000VX000″ 24/7 HDDs
- Usable disk space: 5.9TB software raid5, with encryption. (Tests showed up to 210MB/s transfer rate to and from the raid, enough for Gbit network)
Yay. I’ve often wondered how good system graphs and information is displayed on other geek’s desktops. A lot of them use conky and now I’m one of them.
I’ve built a config based on one from a nice user from G+ and am now maintaining a little repo where I’ll commit my conky scripts and configs for everyone.
Here an example of my first try:
Current conky config from today
What the conky setup shows:
- Outer 12 gauges, clock. thick one (10px) are hours, thinner one (5px) minutes
Bars, from left to right:
- outer left two: disk utilization, write, read
- shorter one, swap usage in percent (mostly 0 on my machine with 24GB RAM)
- 8 inner ones, cpu cores
- pendant to swap: RAM usage in percent
- outer right two: network down/up speed
The logo in the center is from the wallpaper not included in conky!
I got bored by pacman’s downloading all packages for every system again so i searched for a solution to share the pacman cache.
I got enlightened by pacserve from the aur.
Easy to set up, just install (e.g. with yaourt -S pacserve), tell systemd to start and enable and there you go. If you want to use pacserve without the pacsrv wrapper you have to change your pacman.conf so that every repository first checks the cache. Just follow the instructions on http://xyne.archlinux.ca/projects/pacserve/ .
Finally, my wife’s PC is running Arch Linux.
And she’s taking the first steps in this beautiful environment. I hope it will be a pleasant stay and a long-enduring one.
The motivation was quite high, because win7 on this machine just gave up with a blue screen after 0-10 minutes and arch linux just runs stable, as always.