• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

CentOS / RHEL : How to delete LUKS encrypted device

by admin

While deleting a LUKS encrypted device using lvremove you would get an error as below :

# lvremove /dev/mapper/datavg-lv_cryptvol 
  Logical volume datavg/lv_cryptvol is used by another device.

The reason being – it is a LUKS encrypted volume. Follow the steps below to delete a LUKS encrypted device.

Deleting LUKS volume

1. Determining the underlying device
Run the following command to determine the underlying device for the LUKS device:

# cryptsetup status cryptvol
/dev/mapper/cryptvol is active.
  type:  LUKS1
  cipher:  aes-cbc-essiv:sha256
  keysize: 256 bits
  device:  /dev/mapper/datavg-lv_cryptvol
  offset:  4096 sectors
  size:    4190208 sectors
  mode:    read/write

2. Delete existing key on the device
To remove an existing key from LUKS device, use cryptsetup luksRemoveKey command on the device from above command:

# cryptsetup luksRemoveKey /dev/mapper/datavg-lv_cryptvol 
Enter LUKS passphrase to be deleted: 

WARNING!
========
This is the last keyslot. Device will become unusable after purging this key.

Are you sure? (Type uppercase yes): YES

3. Delete the LUKS device
Once you have deleted the keys from device, you can delete the device using cryptsetup remove command.

# cryptsetup remove /dev/mapper/cryptvol

4. Remove the LVM volume
In this case, the logical volume device can also be removed so that the space is freed for other logical volumes within the volume group to utilize.

# lvremove /dev/mapper/datavg-lv_cryptvol
Note: If the name of the LUKS device is unknown use the blkid command to determine the corresponding devices.
# blkid
 /dev/mapper/datavg-lv_cryptvol: UUID="c33892eb-c89e-435e-80cc-e0fb1c64838e" TYPE="crypto_LUKS" 
 /dev/mapper/cryptvol: UUID="0b3cf4e6-14b4-4e93-a24b-98bd3b9e71ce" TYPE="ext4"

Filed Under: Linux

Some more articles you might also be interested in …

  1. ldconfig Command Options
  2. CentOS / RHEL 7 : How to check the status of a service using systemd
  3. CentOS/RHEL : Unmounting a Windows Share Fails – “device is busy”
  4. logrotate: command not found
  5. Understanding OpenSSH Configuration Files
  6. kpartx Command Examples in Linux
  7. How to Force ASM to Scan the Multipathed Device First using ASMLIB/oracleasm
  8. add-apt-repository: command not found
  9. How to Configure ACL(Access Control Lists) in Linux FileSystem
  10. Linux OS Service ‘anacron’

You May Also Like

Primary Sidebar

Recent Posts

  • nixos-rebuild Command Examples in Linux
  • nixos-option: Command Examples in Linux
  • nixos-container : Command Examples in Linux
  • nitrogen Command Examples in Linux

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright