This example is using RTL8821AU chipset from a TP-Link T2U Plus USB adapter and other similar ones should work the same.
Here's how to get this chipset RTL8821AU working in Linux.
Here's how to get RTL8812 and RTL8822 working in Linux.........
Just in case, it is reocmmended to backup the original contents of the directory (especially your home dir) before proceeding.
Setup ecryptfs
Run this command: ecryptfs-setup-private
It will ask you for your login password, this is so that when you login, everything is automatically decrypted by using a passphrase that is wrapped with your login.
You can hit enter and leave things blank for an autogenerated passphrase (for mounting) or you can en........
The key is that you need to know the passphrase to do it, if you don't know the password for the key then you can't remove the key since it cannot be decrypted.
ssh-keygen is the easiest method and openssl can be used to manually remove the key and output it to a new file, which you can then copy back over top of the encrypted file.
After that your public key authentication will work without any password prompt because it is no longer encrypted. Make sure you understand........
The reason for doing this is that the installer doesn't seem to work properly for LUKS and the server installer doesn't even support LUKS anymore. When you use the GUI install on Desktop for LUKS it won't boot and will just hang after you enter your password. So the only reliable way is to do it ourselves.
1.) Make a default minimal install of Ubuntu
2.) Have a secondary disk on the server or VM.
3.)........
ssh-keygen -p -f /path/to/your/id_rsa
Enter new passphrase (empty for no passphrase):
After that your rsa private key will be encrypted which is a layer of protection and security in the event that somehow someone acquires your key and tries to access servers that the key is authorized on.........
The key thing here is to know the actual partition that is encrypted.
Often in Linux Mint's installer that ends up being partition 5 or /dev/sda5
sudo cryptsetup luksOpen /dev/sda5 anynamehere
You will then be prompted for your irrecoverable passphrase:
Enter passphrase for /dev/sda5:
If all goes well it won't say anything further. If it says ""No key available with this passphr........
The easiest way to recover or mount an off-line ecryptfs directory is the built-in command from ecryptfs
sudo ecryptfs-recover-private It will find your wrapped passphrase and ask for your password and mount it in tmp. Much easier especially when your current active OS is using ecryptfs too.
This a fantastic tool when going through old backups.........
ecryptfs-mount-private
Enter your login passphrase:
Inserted auth tok with sig [ee16d84] "into the user session keyring
mount: No such file or directory"
[ 156.118113] ecryptfs_mount: kern_path() failed
[ 156.118431] Reading sb failed; rc = [-2]
[ 164.233055] traps: mate-notificati[3472] trap int3 ip:7f43d7002c13 sp:7fff162c6600 error:0
[ 166.017061] ecryptfs_mount: kern_path() failed........
This is based on Debian Linux but should apply equally to any *nix distro.
Install LUKS/crypt-setup
apt-get install cryptsetup
Setup your LUKS Partition
Of course change /dev/md2 with whatever partition you intend to use LUKS on.
cryptsetup --verbose --verify-passphrase luksFormat /dev/md2
You'll be asked to verify your decryption password twice
*DO NOT FORGET THIS PASSWORD AS IT IS NOT RECOVERABLE!........
Shortcut/Easiest Way To Create A Self-Signed Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
Using the above, you instantly create a self-signed certificate valid for 1530 days and you can simply skip to step #5.) below.
If You Need a Real SSLCertificate (eg. Equifax/Openssl) then you need to create a CSR request (you'll need to follow Steps 1.) and 2.) in order to create the CSR. You then upload the CSR Certi........