[CentOS] LUKS question

Wed Dec 13 13:11:19 UTC 2017
Kern, Thomas (CONTR) <Thomas.Kern at hq.doe.gov>

If your requirement is for the entire system to be encrypted then I think the only is a system rebuild, but if you can convince management that a good compromise is encrypting only the applications and their data, you should be able to add encrypted storage, copy the sensitive files and wipe the old allocations. I have done this for a test system encrypting a MySQL database instance and a web server instance, in anticipation of an "encrypted at rest" directive coming down from management.

Thomas Kern
Senior VM Systems Programmer/Linux Systems Administrator
Office of the Chief Information Officer
On Contract to U.S. Department of Energy
O: 301-903-2211 | M: 301-905-6427
Thomas.Kern at hq.doe.gov
A subtlety of Murphy's Law:
If it can go wrong, it already has, 
and you just haven't realized it yet.

-----Original Message-----
From: Wells, Roger K. [mailto:wellsr at leidos.com] 
Sent: Tuesday, December 12, 2017 9:41 AM
To: CentOS mailing list <centos at centos.org>
Subject: [CentOS] LUKS question

I have existing systems with un-encrypted disks.
I have tried unsuccessfully to encrypt them using LUKS.
Has anyone out there been able to encrypt an existing system (after the 
fact, so to speak)?


Roger Wells, P.E.
221 Third St
Newport, RI 02840
401-847-4210 (voice)
401-849-1585 (fax)
roger.k.wells at leidos.com