Home > Developer > Linux

Linux Cloud Automation Operations Basics 19 (partition encryption, disk quotas)

Source: Internet
Author: User
Tags decrypt
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

One. Partition encryption

1. Create encryption

Cryptsetup LUKSFORMAT/DEV/VDB2

This would overwrite data on/dev/vdb2 irrevocably.

Is you sure? (Type uppercase Yes): Yes # #确定加密
Enter Passphrase: # #密码大于8位, and can't be too simple
Verify Passphrase: # #确认密码

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M00/9D/CC/wKioL1mGkfyjmAEqAAA3nzAL7J4683.png "title=" Screenshot from 2017-08-06 10-52-15.png "alt=" Wkiol1mgkfyjmaeqaaa3nzal7j4683.png "/>

2. Decrypt the partition and use

Cryptsetup open/dev/vdb2 Westos Decryption

Mkfs.xfs/dev/mapper/westos Formatting devices

mount/dev/mapper/westos/mnt/Mounting Equipment

Umount/dev/mapper/westos Uninstalling the device

Cryptsetup close Westos to turn off the encryption layer of the device

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M02/9D/CC/wKiom1mGklHTl2qnAAEJbfIZfzY185.png "style=" float : none; "title=" screenshot from 2017-08-06 10-56-05.png "alt=" Wkiom1mgklhtl2qnaaejbfizfzy185.png "/>

650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M02/9D/CC/wKioL1mGklGhF3knAABAvX4Vpf4011.png "style=" float : none; "title=" screenshot from 2017-08-06 10-59-35.png "alt=" Wkiol1mgklghf3knaabavx4vpf4011.png "/>





3. Automatic mount encryption device on boot

Vim/etc/crypttab Edit profile Settings auto-decrypt on boot

Decrypt name device holds encrypted password file

Westos/dev/vdb2/root/lukspsfile

Vim/root/lukspsfile password for input partition encryption

chmod 600/root/lukspsfile to execute permissions

Focus: Cryptsetup luksaddkey/dev/vdb2/root/lukspsfile allow device and partition password to store file associations for automatic decryption

Vim/etc/fstab edit configuration file to automatically mount the boot

Format:/dev/mapper/westos/mnt XFS defaults 0 0

Here are 6 columns: 1. Disk set other file name

2. Mount point

3. File system for disk partitioning

4. File system parameters are set to defaults by default

5. Whether the dump backup command function 0 means no dump backup, 1 for daily dump backup, 2 for the indefinite date backup

6. Whether to check sector 0 with fsck indicates that 1 is not required for the first check 2 to be checked but will be more than 1 nights

Reboot restart

Df-h See if the mount is successful

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M01/9D/CC/wKiom1mGko6j5Tj3AAALpVV5PII767.png "style=" float : none; "title=" screenshot from 2017-08-06 11-04-50.png "alt=" Wkiom1mgko6j5tj3aaalpvv5pii767.png "/>

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/9D/CC/wKioL1mGko_jaS9KAABD5iCxd5A643.png "style=" float : none; "title=" screenshot from 2017-08-06 11-08-37.png "alt=" Wkiol1mgko_jas9kaabd5icxd5a643.png "/>

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M02/9D/CC/wKiom1mGko-Q-tGaAABeIlISoGE265.png "style=" float : none; "title=" screenshot from 2017-08-06 11-13-32.png "alt=" Wkiom1mgko-q-tgaaabeilisoge265.png "/>



Two. Disk quotas

1. Set the Quota function

Mount-o usrquota/dev/vdb2/mnt Activation quota feature

Quota-uv/dev/vdb2

Edquota-u Student setting student the size of the file content that users can write in the/mnt directory


650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M02/9D/CC/wKiom1mGkvbw8WOFAAChwQbyl6g561.png "title=" Screenshot from 2017-08-06 11-33-54.png "alt=" Wkiom1mgkvbw8wofaachwqbyl6g561.png "/>

Enter the interface settings:

Filesystem blocks soft hard inodes soft hard

/DEV/VDB2 0 0 204800 0 0

The first hard expression writes the maximum value of a single file, set here as 200M

The second hard expression limits the number of write files, 0 means no Limit

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M01/9D/CC/wKiom1mGkyGhXNoxAAAj8mwvpP8685.png "title=" Screenshot from 2017-08-06 11-33-05.png "alt=" Wkiom1mgkyghxnoxaaaj8mwvpp8685.png "/>

Su-student

DD If=/dev/zero of=/mnt/file bs=1m count=200

Quota viewing student user's files under/mnt

Size

650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M00/9D/CC/wKiom1mGk1TQTDC6AAETa1vpB0Y173.png "title=" Screenshot from 2017-08-06 11-36-42.png "alt=" Wkiom1mgk1tqtdc6aaeta1vpb0y173.png "/>


2. Configure the power on auto-activate quota feature

Vim/etc/fstab

Format:/dev/vdb2/mnt xfs defaults, Usrquota 0 0

Reboot restart

DF to see if the boot automatically mounts and activates the quota function successfully

650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M02/9D/CC/wKioL1mGk4LQUQ7SAAE6j4zAVDw064.png "style=" float : none; "title=" screenshot from 2017-08-06 11-38-47.png "alt=" Wkiol1mgk4lquq7saae6j4zavdw064.png "/>

650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M02/9D/CC/wKiom1mGk4Owol7oAABt_DQJH_c618.png "style=" float : none; "title=" screenshot from 2017-08-06 11-45-52.png "alt=" Wkiom1mgk4owol7oaabt_dqjh_c618.png "/>

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M00/9D/CC/wKiom1mGk4OC63zKAABunClnQtk702.png "style=" float : none; "title=" screenshot from 2017-08-06 11-48-33.png "alt=" Wkiom1mgk4oc63zkaabunclnqtk702.png "/>




This article is from the "13122425" blog, please be sure to keep this source http://13132425.blog.51cto.com/13122425/1953957

Linux Cloud Automation Operations Basics 19 (partition encryption, disk quotas)

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
gpt disk partition gpt disk partition recovery easeus disk partition oracle cloud basics whole disk encryption veracrypt full disk encryption symantec full disk encryption

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More