Fernando Lobato Meeser fernandolobato
fernandolobato
/ dm-integrity.sh
Last active
May 12, 2023 09:19
Create a fully encrypted disk with data integrity without wipe (dm-integrity, dm-crypt)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This gist walks throught how a to do FDE + data integrity without wiping the whole disk. Useful for very large disks, more than 1 TB, where wipping the disk could take days. | |
| DISK_PATH=/tmp/disk.img # dummy disk | |
| KEY_PATH=/tmp/key.bin # path to private key | |
| DATA_DEVICE_NAME=crypto-integrity-disk #disk name | |
| # to run this commands on an actual disk, use parted to format the disk and create a partition. | |
| # read some about this. This example will use a dummy disk. |