Encrypting a Drive with LUKS and cryptsetup

1. Get the drive name

lsblk

2. Install cryptsetup

sudo pacman -S cryptsetup

3. Format the drive

To format the drive, you can use cfdisk or any other utility of your choice.

cfdisk /dev/sdaX

Now, delete all the signatures and partitions on the drive. Then, create a filesystem on the drive as follows:

mkfs.ext4 /dev/sdaX

After the FS has been created, create a partition on the drive with cfdisk. After the partition has been created, you can finally start encrypting the drive.

4. Encrypt the created partition

List the partition:

lsblk /dev/sdaX

Encrypt the partition:

cryptsetup luksFormat /dev/sda[0-9]

It will ask for a passphrase, make sure to provide a strong passphrase.

5. Decrypt and create filesystem

Decrypt the drive:

cryptsetup open /dev/sda[0-9] <name>

Make the FS:

mkfs.ext4 /dev/mapper/<name>

6. Re-encrypt after usage

cryptsetup close <name>