reUSBable is a simple bash script to automate the creation of LUKS encrypted USB devices.
The devices can then be used to securely 'transport' sensitive data between two computers, erasing any trace of previous data before each use, making the USB devices reusable.
luks.mp4
reUSBable was tested on linux.
On debian based operating system, install (if not already present) the folowing:
sudo apt install cryptsetup parted util-linuxOptionally for the command shred instead of dd:
sudo apt install coreutilscurl -LO https://raw.githubusercontent.com/revelaction/reUSBable/master/reUSBable.sh
# make it executable
chmod +x reUSBable.sh
# copy it to your path
cp reUSBable.sh ~/binRun the scrypt with sudo:
⤷ sudo ./reUSBable.sh
[sudo] password for revelaction:
1) DataTraveler_3.0 /dev/sde B0C54E757496FFB3K9F2
2) PC404 NVMe SK hynix 128GB /dev/nvme0n1 JJAN590010307L4V
[./reUSBable.sh] Please select the device: 1
[./reUSBable.sh] Choosen device is 💽 /dev/sde (DataTraveler_3.0)
[./reUSBable.sh] Choosen device has serial number 🔢 B0C54E757496FFB3K9F2
[./reUSBable.sh] Unmounting all crypt mapper devices from device /dev/sde:
[./reUSBable.sh] - Unmounting crypt dev mapper /dev/mapper/B0C54E757496FFB3K9F2_sde1
[./reUSBable.sh] - Closing crypt /dev/mapper/B0C54E757496FFB3K9F2_sde1
[./reUSBable.sh] Unmounting all partitions from device /dev/sde:
[./reUSBable.sh] - Unmounting partition /dev/sde1
umount: /dev/sde1: not mounted.
[./reUSBable.sh] Detected command shred for shred the device /dev/sde
[./reUSBable.sh] Press Enter to shred device /dev/sdeIf you want to avoid confirmation in each step, run the script with the flag -q
⤷ sudo ./reUSBable.sh -q
[sudo] password for revelaction:
1) DataTraveler_3.0 /dev/sde B0C54E757496FFB3K9F2
2) PC404 NVMe SK hynix 128GB /dev/nvme0n1 JJAN590010307L4V
[./reUSBable.sh] Please select the device: 1reUSBable should be run after (and before) using it for secure
transport of data between two computers.
reUSBable performs the following actions in a given USB (or other data device):
- It unmounts any previous partitions on the device.
- It shreds the entire device with the command
shred(if present) ordd. This step can last many minutes/hours. - It shreds the partition table of the device with
wipefsanddd. - It creates a new
gptpartition table. - It creates one partition using 100% of the device.
- It creates a LUKS2 partition on the previously create partition.
- It opens the LUKS2 partition and creates a ext4 filesystem inside.
- It mounts the filesystem in
/media/<user>
mount-luks.sh is a companion script to mount and unmount the files created by reUSBable.