Disk Encryption At-Rest with LUKS

Linux Unified Key Setup (LUKS) is a specification for disk encryption across Linux distributions. It relies on dm-crypt, a kernel module that uses the passphrase selected by the user to encrypt and decrypt data on-the-fly on a LUKS volume, and make the filesystem mountable from a virtual device-mapper block device. The cryptsetup utility is used to create and manage LUKS volumes.

Read More