There are tasks when you need to place IMPORTANT data on a virtual server so that only the owner has access to it and at the same time can be accessed from anywhere in the world via the Internet.
This problem can be solved by purchasing a VDS server and creating an encrypted disk on which we will store our data with password access.
In our example, we will use Linux Debian 12, and perform actions as the root user.
1. Install the necessary packages
apt update
apt upgrade
apt install cryptsetup
1.1 Let's decide on the size and create a file
dd if=/dev/zero of=/root/crypt-drive bs=1M count=1024
1.1.1 Next, convert the file to the LUKS partition format:
cryptsetup -y luksFormat /root/crypt-drive
Assign a password and enter confirmation. Please note that if you forget your password, you will not be able to restore it and access the data.
1.1.2 File information
file /root/crypt-drive
The crypto container is ready for use; now it needs to be converted into a crypt-volume device.
1.2 Connect the created crypto container
cryptsetup luksOpen /root/crypt-drive crypt-volume
Enter the password.
1.2.1 Create a file system
mkfs.ext4 -j /dev/mapper/crypt-volume
1.2.2 Create a folder for mounting
mkdir /mnt/crypt-volume
1.2.3 Mounting the partition
mount /dev/mapper/crypt-volume /mnt/crypt-volume
The encrypted disk is ready, you can fully use this partition as usual, encryption occurs at the time of use of this partition. No additional action is required.
2. Check
df -h
3. Further use
3.1 Disabling a container
umount /mnt/crypt-volume
cryptsetup luksClose crypt-volume
3.2 Connecting a container
cryptsetup luksOpen /root/crypt-drive crypt-volume
mount /dev/mapper/crypt-volume /mnt/crypt-volume
Pay attention! When you reboot the server, if you did not specifically unmount the container, you will need to reconnect it as described in paragraph 3.2.
See also: Automatic mounting of an encrypted Luks file