How do I solve encryption issues on MetaDefender Endpoint/MetaDefender IT-OT Access VM devices using Cryptsetup?


Users running MetaDefender Endpoint on one or more Linux virtual devices (VMs) may occasionally see MetaDefender IT-OT Access device compliance warnings/flags related to encryption.

This warning/flag is triggered by a device issue and will appear under MetaDefender IT-OT Access Console>Inventory>Devices>Relevant Device>Detailed Device Information>Deep Compliance>Encryption.

This article covers the process of using Cryptsetup to:

  • Option 1: encrypt your virtual disk during the Ubuntu install process.
  • Option 2: encrypt your Home partition following Ubuntu install.

Option 1: Encryption During Install

Phase 1: Initiate Ubuntu installation

  1. Boot your new VM via either your computer’s DVD drive, a USB flash drive, your VM installer tool, or an Ubuntu image.
  2. Select your Language, then click Install Ubuntu on the right-hand side of the screen to start installing the distro.
  3. Select your preferred Keyboard layout, then click Continue.
  4. On the Updates and other software screen, select how you would like to install Ubuntu. Your options include:

    • Normal installation: all features and selected software will be installed.
    • Minimal installation: only basic components will be installed, and you can download and install software as required.
    • Download updates while installing Ubuntu: auto-download updates while installing, provided you are on a stable, fast internet connection.
    • Install third-party software for graphics and Wi-Fi hardware and additional media formats: some license-requiring software, and some proprietary software for graphics, Wi-Fi and additional media formats, will be installed.
  5. Click Continue to save and proceed.

Phase 2: Encrypt Your Disk During Install

  1. On the Installation type screen of the wizard, select the installation type to be applied to your disk while installing. There are two options:
    • Erase disk and install Ubuntu: select this option.
    • Something else: ignore this option.
  2. Under the first option above, there are two sub-options that are checked by default and that should remain checked. If they are not checked, ensure that you check them. They are:
    • Encrypt the new Ubuntu installation for security: select this option.
    • Use LVM with the new Ubuntu installation: select this option.
  3. With the appropriate boxes checked, click the Install Now button.
  4. Set and confirm a strong Security Key that will be entered when the VM starts up.
  5. Click Install Now to proceed.
  6. On the pop-up screen, you should opt to Overwrite all empty disk space, then click Continue to proceed.

Phase 3: Finish the Installation

  1. Select your preferred Time Zone.
  2. On the Who are you? screen, create a login account and set a hostname for your VM.
  3. As an additional layer of security, select the Require my password to log in option on this same screen.
  4. On the same page, you should also select the option to Encrypt my home folder, as an added layer of security for the data on your system.
  5. Click Continue to save your settings and begin the installation.
  6. Finally, click the Restart Now button on the pop-up to restart your system and complete the installation.

Phase 4: Verify That the Disk Is Encrypted

  1. Log into the system by entering the Credentials that you set up during Phase 3 above, then clicking Sign In.
  2. Once you’re logged in, open a Terminal and run the following command to check your encryption status: lsblk -o NAME,MOUNTPOINT,TYPE,FSTYPE
  3. In the response, check the FSTYPE (file system type) column for a given partition. If it is listed as crypto_LUKS, the partition is encrypted.
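The Phase 4 check can be scripted so that it answers whether the root file system itself sits on a crypto_LUKS partition, rather than relying on reading the table by eye. This is an added example, not part of the original article or OPSWAT tooling; it assumes the extra lsblk columns KNAME and PKNAME and the -P output mode, and the function name and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide whether a mount point is backed by a LUKS container.
# Expected input (KNAME/PKNAME give the parent chain; -P prints key="value"
# pairs, which stay parseable when MOUNTPOINT is empty):
#   lsblk -P -o KNAME,PKNAME,MOUNTPOINT,TYPE,FSTYPE

# Constructed sample: encrypted LVM layout (ESP and /boot stay unencrypted).
SAMPLE_ENCRYPTED='KNAME="sda" PKNAME="" MOUNTPOINT="" TYPE="disk" FSTYPE=""
KNAME="sda1" PKNAME="sda" MOUNTPOINT="/boot/efi" TYPE="part" FSTYPE="vfat"
KNAME="sda2" PKNAME="sda" MOUNTPOINT="/boot" TYPE="part" FSTYPE="ext4"
KNAME="sda3" PKNAME="sda" MOUNTPOINT="" TYPE="part" FSTYPE="crypto_LUKS"
KNAME="dm-0" PKNAME="sda3" MOUNTPOINT="" TYPE="crypt" FSTYPE="LVM2_member"
KNAME="dm-1" PKNAME="dm-0" MOUNTPOINT="/" TYPE="lvm" FSTYPE="ext4"'

# Constructed sample: plain install with no encryption.
SAMPLE_PLAIN='KNAME="sda" PKNAME="" MOUNTPOINT="" TYPE="disk" FSTYPE=""
KNAME="sda1" PKNAME="sda" MOUNTPOINT="/" TYPE="part" FSTYPE="ext4"'

# luks_backing MOUNTPOINT
# Reads lsblk -P rows on stdin, starts at the device mounted on MOUNTPOINT and
# walks up its parents. Prints the first crypto_LUKS device and returns 0;
# returns 1 if the chain holds no LUKS container.
luks_backing() {
    awk -v want="$1" '
    function val(key,   s) {
        # Leading space keeps TYPE from matching inside FSTYPE.
        if (match(" " $0, " " key "=\"[^\"]*\"") == 0) return ""
        s = substr(" " $0, RSTART + length(key) + 3, RLENGTH - length(key) - 4)
        return s
    }
    {
        k = val("KNAME"); parent[k] = val("PKNAME"); fs[k] = val("FSTYPE")
        if (val("MOUNTPOINT") == want) start = k
    }
    END {
        for (d = start; d != ""; d = parent[d])
            if (fs[d] == "crypto_LUKS") { print d; exit 0 }
        exit 1
    }'
}

# Live use: lsblk -P -o KNAME,PKNAME,MOUNTPOINT,TYPE,FSTYPE | luks_backing /
printf '%s\n' "$SAMPLE_ENCRYPTED" | luks_backing / && echo "root is on LUKS"
printf '%s\n' "$SAMPLE_PLAIN" | luks_backing / || echo "root is NOT encrypted"
```
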

Option 2: Encrypt Your Home Partition Following Install

Phase 1: Install the Encryption Utilities

  1. Open a Terminal and run the following command to install the encryption utilities: sudo apt-get install ecryptfs-utils cryptsetup
  2. Log out, then log in again with the newly created user, tempuser.

Phase 3: Migrate the Same Home Folder That You Wish To Encrypt

Open a Terminal, then run the following command to migrate the Home partition of the user named test, the same Home partition you plan to encrypt:

Phase 4: Log Into The Account for Which the Home Partition Is To Be Encrypted

  1. Log out and log back in again as the user whose Home partition will be encrypted - in this case, test.
  2. Once you are logged in, click the Run this action now button to create a recovery Passphrase. Store this passphrase safely, as you will need it if you ever have to recover files manually in future.

Phase 5: Verify That the Home Partition Is Encrypted

  1. Open a Terminal and run the following command to verify the encryption status of your Home partition: ls -A /home

If your home folder has been encrypted, you will see a .ecryptfs folder in the response.
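The presence of /home/.ecryptfs shows that eCryptfs data exists, but not for which user or whether the encrypted home is currently mounted. The following added example (not part of the original article or OPSWAT tooling) distinguishes the three cases per user; the function name and the demo tree are constructed, and it assumes the ecryptfs-utils layout /home/.ecryptfs/USER/.Private and a mount of type ecryptfs on /home/USER.

```shell
#!/bin/sh
# Added example: report the eCryptfs state of one user's home directory.
#
# ecryptfs_state USER [HOME_ROOT] [MOUNTS_FILE]
#   mounted    - an ecryptfs file system is mounted on HOME_ROOT/USER
#   configured - encrypted data exists but is not mounted (user logged out)
#   none       - no eCryptfs data for this user
# HOME_ROOT and MOUNTS_FILE default to /home and /proc/mounts; they are
# parameters only so the check can be exercised against a constructed tree.
ecryptfs_state() {
    user=$1
    root=${2:-/home}
    mounts=${3:-/proc/mounts}
    # /proc/mounts fields: source, mount point, fs type, options, ...
    if awk -v t="$root/$user" \
        '$2 == t && $3 == "ecryptfs" { found = 1 } END { exit !found }' \
        "$mounts"
    then
        echo mounted
    elif [ -d "$root/.ecryptfs/$user/.Private" ]; then
        echo configured
    else
        echo none
    fi
}

# Constructed demo: a throwaway tree standing in for /home and /proc/mounts.
demo=$(mktemp -d)
mkdir -p "$demo/.ecryptfs/test/.Private"
echo "/home/.ecryptfs/test/.Private $demo/test ecryptfs rw,nosuid,nodev 0 0" \
    > "$demo/mounts"
: > "$demo/no-mounts"

echo "test (logged in):  $(ecryptfs_state test "$demo" "$demo/mounts")"
echo "test (logged out): $(ecryptfs_state test "$demo" "$demo/no-mounts")"
echo "tempuser:          $(ecryptfs_state tempuser "$demo" "$demo/no-mounts")"
rm -rf "$demo"
```

On a real device, call it as ecryptfs_state test with no further arguments.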
