Disk/Partition encryption

[Adalbert Prokop]

Weiner, Michael schrieb:

> Some time ago, approximately April 2009, I encrypted a Fedora 10 system which I later upgraded to Fedora 11, with no problem. My problem is that I didn’t document how I did it at the time, as I was just playing with disk encryption on a sandbox machine and never thought I would need to do it in production. Recently my place of employment, thanks in part to new HIPAA regulations due to data theft, is requiring ALL laptops to be encrypted – one problem, I don’t remember how I did it without loosing any data. The only thing I can remember is that it was a pretty simple task that I performed without moving data from one partition to another, or re-installing the OS. Googling such a process, has led me to read many pages and documentation out there, but to no avail. I can NOT find anywhere anything documenting encrypting a live filesytem without data loss. Has anyone here done this? I could have sworn that the original work I did was based on an email or discussion on this
 l
>  ist, but I cant find anything. Yes yes yes I know – ALWAYS put it in the wiki ☺

Somewhere on the cryptsetup page there was a hint how to reencrypt a
partition withhout reformatting. Basically you use dd to read from the
plain device and write to the same device through the encryption layer.

Something like this:
# cryptsetup create encrypted /dev/sdx1
# dd if=/dev/sdx1 of=/dev/mapper/encrypted bs=10M

I would not try it without a full backup and all fingers crossed...

-- 
bye
Adalbert