Menu :

TL;DR

cryptsetup open

Create a decrypted mapping of an encrypted volume. Note: with TRIM enabled, minimal data leakage in form of freed block information, perhaps sufficient to determine the filesystem in use may occur. However, you still most likely want to enable it, because the data inside is still safe and SSDs without TRIM will wear out faster. More information: https://manned.org/cryptsetup-open.

Open a LUKS volume and create a decrypted mapping at /dev/mapper/mapping_name:

cryptsetup open /dev/sdXY mapping_name

Use a keyfile instead of a passphrase:

cryptsetup open --key-file path/to/file /dev/sdXY mapping_name

Allow the use of TRIM on the device:

cryptsetup open --allow-discards /dev/sdXY mapping_name

Write the --allow-discards option into the LUKS header (the option will then always be used when you open the device):

cryptsetup open --allow-discards --persistent /dev/sdXY mapping_name

Open a LUKS volume and make the decrypted mapping read-only:

cryptsetup open --readonly /dev/sdXY mapping_name

This document was created using the contents of the tldr project.

a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
others