If your requirement is for the entire system to be encrypted then I think the only is a system rebuild, but if you can convince management that a good compromise is encrypting only the applications and their data, you should be able to add encrypted storage, copy the sensitive files and wipe the old allocations. I have done this for a test system encrypting a MySQL database instance and a web server instance, in anticipation of an "encrypted at rest" directive coming down from management.
--
Thomas Kern
Senior VM Systems Programmer/Linux Systems Administrator
Office of the Chief Information Officer
On Contract to U.S. Department of Energy
O: 301-903-2211 | M: 301-905-6427
Thomas.Kern@xxxxxxxxxx
--
A subtlety of Murphy's Law:
If it can go wrong, it already has,
and you just haven't realized it yet.
-----Original Message-----
From: Wells, Roger K. [mailto:wellsr@xxxxxxxxxx]
Sent: Tuesday, December 12, 2017 9:41 AM
To: CentOS mailing list <centos@xxxxxxxxxx>
Subject: LUKS question
I have existing systems with un-encrypted disks.
I have tried unsuccessfully to encrypt them using LUKS.
Has anyone out there been able to encrypt an existing system (after the
fact, so to speak)?
TIA
--
Roger Wells, P.E.
leidos
221 Third St
Newport, RI 02840
401-847-4210 (voice)
401-849-1585 (fax)
roger.k.wells@xxxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
