November 18

Linux: Deleting LUKS volume

1. Determining the underlying deviceRun the following command to determine the underlying device for the LUKS device:
 cryptsetup status cryptvol/dev/mapper/cryptvol is active.  type:  LUKS1  cipher:  aes-cbc-essiv:sha256  keysize: 256 bits  device:  /dev/mapper/datavg-lv_cryptvol  offset:  4096 sectors  size:    4190208 sectors  mode:    read/write
2. Delete existing key on the deviceTo remove an existing key from LUKS device, use cryptsetup luksRemoveKey command on the device from above command:
 cryptsetup luksRemoveKey /dev/mapper/datavg-lv_cryptvol If using md0 – cryptsetup luksRemoveKey /dev/md0Enter LUKS passphrase to be deleted:
WARNING!========This is the last keyslot. Device will become unusable after purging this key.
Are you sure? (Type uppercase yes): YES
3. Delete the LUKS deviceOnce you have deleted the keys from device, you can delete the device using cryptsetup remove command.
 cryptsetup remove /dev/mapper/cryptvol
4. Remove the LVM volumeIn this case, the logical volume device can also be removed so that the space is freed for other logical volumes within the volume group to utilize.
 lvremove /dev/mapper/datavg-lv_cryptvol
Note: If the name of the LUKS device is unknown use the blkid command to determine the corresponding devices.
 blkid /dev/mapper/datavg-lv_cryptvol: UUID=”c33892eb-c89e-435e-80cc-e0fb1c64838e” TYPE=”crypto_LUKS”  /dev/mapper/cryptvol: UUID=”0b3cf4e6-14b4-4e93-a24b-98bd3b9e71ce” TYPE=”ext4″

Copyright 2021. All rights reserved.

Posted November 18, 2021 by Timothy Conrad in category "Linux

About the Author

If I were to describe myself with one word it would be, creative. I am interested in almost everything which keeps me rather busy. Here you will find some of my technical musings. Securely email me using - PGP: 4CB8 91EB 0C0A A530 3BE9 6D76 B076 96F1 6135 0A1B