In order to create a crypted partition, a normal partition must be created and then be associated to the crypted device.
The partition can be a normal partition (e.g. /dev/hda1) or a LVM partition (e.g.: /dev/vg0/lv0)
For normal partition:
cfdisk /dev/hda
For LVM (depracated, see "Using dm-crypt with LVM"):
lvcreate -L 1G -n lvmcrypted vg
For normal partition:
cryptsetup -y create crypted /dev/hda1
For LVM (depracated, see "Using dm-crypt with LVM"):
cryptsetup -y create crypted /dev/mapper/vg-lvmcrypted
Create the filesystem as normaly:
mkfs.reiserfs /dev/mapper/crypted
To make available the crypted partitions after each boot, the crypttab file must be updated.
For normal partition, add a line like the following:
crypted /dev/hda1
crypted /dev/vg/lvmcrypted
To mount the crypted partitions after each boot, the mount point must be created and the fstab file must be updated.
Create the mount point:
mkdir /mnt/crypted
/dev/mapper/crypted /mnt/crypted reiserfs defaults
Here, there isn't any difference between normal partition and LVM partitions, because in both cases the access to the data is done via the crypted device.
Now it's possible the mount the partition:
mount /mnt/crypted
In order to remove a crypted partition, it must be first unmounted:
umount /mnt/crypted
Now it's possible to remove the crypted device:
cryptsetup remove crypted
Don't forget to udpate the /etc/fstab and /etc/crypttab files, and to remove the unused mountpoint and partition.
Since data can be temporary copied to the swap, it's a good idea to crypt also the swap.
Also here, first a normal partition must be created and then associated to the crypted device.
The partition can be a normal partition (e.g. /dev/hda2) or a LVM partition (e.g.: /dev/vg0/lv1)
For normal partition:
cfdisk /dev/hda
For LVM (depracated, see "Using dm-crypt with LVM"):
lvcreate -L 1G -n lvmswap vg
For normal partition:
cryptsetup -y create cryptedswap /dev/hda2
For LVM (depracated, see "Using dm-crypt with LVM"):
cryptsetup -y create cryptedswap /dev/mapper/vg-lvmswap
Create a swap filesystem as normally:
mkswap /dev/mapper/cryptswap
To make available the crypted partitions after each boot, the crypttab file must be updated.
For normal partition, add a line like the following:
cryptswap /dev/hda2 /dev/random swap
cryptedswap /dev/vg/swap /dev/random swap
Using /dev/random as key, will create a new random key at each boot and you won't be prompted for a password each time.
To mount the crypted swap after each boot, the fstab file must be updated.
Add a line like the following in /etc/fstab:
/dev/mapper/cryptswap none swap sw,pri=1
Also here, there isn't any difference between normal partition and LVM partitions, because in both cases the access to the data is done via the crypted device.
Activate all the swap partitions, just by calling:
swapon -a