How to Create a Secure USB Drive in Ubuntu with Linux Unified Key Setup

Danny Stieben 20-04-2015

Encryption has been a hot topic in recent years, especially for personal uses. Any data that’s on the move should probably be encrypted Not Just For Paranoids: 4 Reasons To Encrypt Your Digital Life Encryption isn’t only for paranoid conspiracy theorists, nor is it just for tech geeks. Encryption is something every computer user can benefit from. Tech websites write about how you can encrypt your digital life, but... Read More so that only intended eyes can see the information. That’s why encryption is heavily used today for communications via the Internet.


But that isn’t the only form of data “on the move”; there’s other data people tend to forget about, namely in the form of a highly portable flash drive. If you regularly carry one, the data on it is just about as mobile as anything on the Internet. If you ever lose it, everything on it can be easily read by anyone.

While it’s recommended that you encrypt your laptop (and you can still encrypt your home folder How To Encrypt Your Home Folder After Ubuntu Installation [Linux] Imagine this: it's a great day, you're busy working on your computer at some event, and everything seems fine. After a while you get tired and decide to get something to eat and shut down... Read More even after you’ve already installed Ubuntu), there are several reasons why you may not want to 4 Reasons to Encrypt Your Linux Partitions Thinking about encrypting your Linux disk? It's a wise move, but wait until you've considered arguments for and against. Read More . Plus, a laptop is still a relatively large item, so the chances of it getting lost or stolen isn’t going to be quite as high as for a flash drive.

But a flash drive can disappear just like that.

If you’re a Linux user, you can easily encrypt your flash drive to protect you data in a worst-case scenario. While the functionality isn’t super easy to find, it’s very simple to do once you know where to look.

Beware of Downsides

First off, before we begin telling you how to encrypt your flash drive, you’ll need to know that there are a couple downsides, one of which is unique to this particular task. Just like any other form of encryption, the potential for lower performance definitely exists. The threat of decreased performance only exists for USB 3.0 flash drives Why You Should Upgrade To USB 3.0 It’s been quite a while since USB 3.0 has been included in motherboards, but now we've come to the point where most devices and computers come with the new and improved ports. We all know... Read More  as the flash drive itself isn’t slow enough to be the bottleneck even without encryption. If your drive is slow to begin with, the computer will still be able to encrypt/decrypt information faster than the data can be read from or written to the flash drive. For faster drives, the computer performing encryption and decryption may end up being slower than the read/write speeds of the drive. This mainly depends on the speed of the flash drive and the speed of the computer.


The other issue is that this particular encryption setup only works on Linux machines. If you plan on regularly using your flash drive on Windows or Mac systems, then this encryption technique is not for you (or use this on one flash drive and keep another one unencrypted if you have multiple drives). But if you only work with Linux systems, then this is fantastic solution that gives you seamless desktop integration that makes using your encrypted flash drive ridiculously easy.

Getting Ready

That being said, let’s get started! Before you can actually encrypt your flash drive, we need to make sure that a certain program is installed. On Ubuntu, you can easily check this by opening the terminal and running the command sudo apt-get install -y cryptsetup. Once this is installed, pick out the flash drive you’d like to encrypt, and make sure that everything that’s on it is backed up! The encryption process requires that your flash drive gets wiped, so anything that’s currently on it will be lost if it’s not backed up!

Let’s Encrypt!

After you’ve installed the package and made sure that your flash drive’s contents are backed up, go ahead and open up the Disk Utility from the Dash. You can just type in “disk utility” when searching the Dash and it should appear.

Now, click on your flash drive from the list on the left side. Then, click on the partition (usually there’s just one) and then choose either Unmount Partition or click on the Stop button. What you see depends on which version of Ubuntu you’re running, but the latest versions have the latter.


Next, you’ll want to click on the Gears icon that’s really close by the Stop icon you clicked on earlier. Then, choose Format.

In here, you can choose either quick erase or slow erase (although slow erase is technically safer since you’re wanting to use encryption), and then for the type choose Encrypted, compatible with Linux systems. Then you can type a name for the drive, set a passphrase for it, and click on Format. This will now set everything up on your flash drive, and may take some time depending on your flash drive’s speed and storage capacity.

Have a Cookie

Congratulations, you’ve encrypted your flash drive! Now every time you plug it into a Linux system, it will ask you for the passphrase and then automatically unlock it for you, letting you use it just as easily as before. Now if you happen to lose your flash drive, no one will be able to read its contents without running Linux and knowing your secure but memorable passphrase 13 Ways to Make Up Passwords That Are Secure and Memorable Want to know how to make up a secure password? These creative password ideas will help you create strong, memorable passwords. Read More .

For safe measure, be sure to unmount or eject your flash drive before actually pulling it out of your computer’s USB port. You can do so by right-clicking on the flash drive’s icon in the dock (or desktop, if it appears there) and choosing Eject. Otherwise, it may cause corruption on an encrypted drive which may cause more trouble than normal (although this is still very rare).


What devices or pieces of storage media have you encrypted? When is encryption worth it for you and when is it not? Let us know in the comments!

Related topics: Computer Security, Encryption, USB Drive.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Nico Blur
    December 14, 2016 at 5:06 pm

    I cant access my device anymore!! :(

    Error unlocking /dev/sdd: Command-line `cryptsetup luksOpen "/dev/sdd" "luks-6bc0db82-325c-4c33-a6ce-09b2c38d7e35" ' exited with non-zero exit status 2: No key available with this passphrase.
    (udisks-error-quark, 0)

    please contact me:
    [Broken Link Removed]

  2. masacre
    June 4, 2016 at 9:25 am

    You need the "Disks" GTK app to do this, right?

  3. Pratik
    March 2, 2016 at 2:36 pm

    I just forgot the password. Is there any way to get my data back. Thanks in advance

  4. Barani daran
    April 28, 2015 at 2:24 pm

    After doing the encryption, If we are connecting the usb in windows or mac os the data in the usb can be accessed.

    • Danny Stieben
      April 30, 2015 at 9:18 pm

      It can? Can you show us how?

  5. Benni
    April 27, 2015 at 10:46 pm

    @Dan: Actually TrueCrypt is very insecure because there are many faults in the way of encryption.
    On the Sourceforge website of TrueCrypt,, the author warns, that "Using TrueCrypt is not secure as it may contain unfixed security issues".
    There are so many bugs in this software, that the secure encryption isn`t guaranted.
    I recommend VeraCrypt to you, it`s an further development of TrueCrypt. They use the source code and had fixed all bugs.

  6. Dan
    April 21, 2015 at 2:38 pm

    My comment seems to have been lost in the great /dev/null abyss of the cyberworld.

  7. Dan
    April 20, 2015 at 10:34 pm

    I use LUKS+LVM on my laptop but I encrypt my USBs with Truecrypt for inter-operability reasons. Truecrypt has shown itself to be a reliable and still secure despite being abandoned by the developers. And there are new projects that work with TC volumes like Veracrypt and Ciphershed.

    Also, is there a real "threat of decreased performance"? With pretty much all recent consumer chips from Intel and AMD supporting the AES-NI instruction set, encryption/decryption is no longer a bottleneck. I just now used Veracrypt's benchmark tool on my mobile Ivy Bridge and it encrypts/decrypts AES at 900MB/s to 1GB/s in RAM. USB 3.0 SuperSpeed only goes up to 625 MB/s and most current 3.0 controllers can't even reach that theoretical limit. So long as you use AES and have a recent PC/laptop, then the encryption overhead is a non-issue.

    • Danny Stieben
      April 30, 2015 at 9:16 pm

      You're right, encryption overhead has been reduced significantly. There's still a slight drop in performance, but it's often minimal enough for people to prefer the encryption despite that slight drop.

      I do want to point out though that TrueCrypt isn't being developed anymore, and there was a big advisory going around not to use TrueCrypt anymore. Just thought you should know. I suppose you could still use it if you want but there's a risk with that.