Extend an Encrypted LUKS Partition

General disclaimer applies, no liability will be accepted for any loss or damage, use at your own risk and do frequent backups!

Scenario

We have a 1TB Samsung external HDD, which currently contains 2 partitions:

# fdisk -l /dev/sdc
Disk /dev/sdc: 1000.2 GB, 1000194400256 bytes
[...]

Device Boot Start End Blocks Id System
/dev/sdc1 2048 1048578047 524288000 83 Linux
/dev/sdc2 1048578048 1953504687 452463320 7 HPFS/NTFS/exFAT

The first partition, /dev/sdc1, is an encrypted LUKS volume. What we want to do is to delete the NTFS /dev/sdc2 partition and use its size for the LUKS partition.

Extend the Partition

Make sure the LUKS partition is not mounted nor opened (doesn’t appear under /dev/mapper). The idea now is to delete both partitions from the partition table (not the actual data!) and create a new partition with the same¬†start block (2048, see above, extremely important) as the original LUKS volume.

# fdisk /dev/sdc

Command (m for help): p

Disk /dev/sdc: 1000.2 GB, 1000194400256 bytes
[...]

Device Boot Start End Blocks Id System
/dev/sdc1 2048 1048578047 524288000 83 Linux
/dev/sdc2 1048578048 1953504687 452463320 7 HPFS/NTFS/exFAT

Command (m for help): d
Partition number (1-4): 2

Command (m for help): d
Selected partition 1

Command (m for help): p

Disk /dev/sdc: 1000.2 GB, 1000194400256 bytes
[...]

Device Boot Start End Blocks Id System

Command (m for help): n
Partition type:
p primary (0 primary, 0 extended, 4 free)
e extended
Select (default p):
Using default response p
Partition number (1-4, default 1):
Using default value 1
First sector (2048-1953504687, default 2048): 2048
Last sector, +sectors or +size{K,M,G} (2048-1953504687, default 1953504687):
Using default value 1953504687

Command (m for help): p

Disk /dev/sdc: 1000.2 GB, 1000194400256 bytes
[...]

Device Boot Start End Blocks Id System
/dev/sdc1 2048 1953504687 976751320 83 Linux

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

Decrypt the Partition

# cryptsetup luksOpen /dev/sdc1 samsung

Run Filesystem Check and Resize the Partition

# e2fsck -f /dev/mapper/samsung
e2fsck 1.42.5 (29-Jul-2012)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking dir#ectory structure
Pass 3: Checking directory connectivity
/lost+found not found. Create<y>? yes
Pass 4: Checking reference counts
Pass 5: Checking group summary information

samsung_luks: ***** FILE SYSTEM WAS MODIFIED *****
samsung_luks: 35603/32768000 files (9.1% non-contiguous), 107366347/131071488 blocks
# resize2fs /dev/mapper/samsung
resize2fs 1.42.5 (29-Jul-2012)
Resizing the filesystem on /dev/mapper/samsung to 244187318 (4k) blocks.
The filesystem on /dev/mapper/samsung is now 244187136 blocks long.

Mount the Volume and Check the Size

# mount /dev/mapper/samsung /mnt/
# df -h | grep samsung
/dev/mapper/samsung 917G 402G 469G 47% /mnt

2 thoughts on “Extend an Encrypted LUKS Partition

  1. Thank you so much. I had a secondary HD (not boot drive) and just a plain LUKS-crypt partition. Everywhere I looked they dealt with LVM and the boot drive resizing, etc. This worked perfectly so I could enlarge my LUKS partition on Debian Jessie. Didn’t have to use the Live CD since it wasn’t the boot drive. Thank you so much for posting this.

Leave a Reply

Your email address will not be published. Required fields are marked *