First create the logical volume:
~ $ lvcreate -L100G -n lv01 vg0
Now create the encrypted volume, you will be asked for the master password, it’s very important you save it safely.
~ $ cryptsetup -y -v luksFormat /dev/vg/lv01
Open the encrypted volume, is mapping to /dev/mapper:
~ $ cryptsetup luksOpen /dev/vg/lv01 clv01
Show the status:
~ $ cryptsetup -v status /dev/mapper/clv01 /dev/mapper/clv01 is active. type: LUKS1 cipher: aes-cbc-essiv:sha256 keysize: 256 bits device: /dev/mapper/vg-lv01 offset: 4096 sectors size: 2147479552 sectors mode: read/write Command successful.
To see the headers on the encrypted partition:
~ $ cryptsetup luksDump /dev/vg/lv01
It’s advisable writing zeros to the disk, be patient with a huge disk:
~ $ dd if=/dev/zero of=/dev/mapper/clv01
Format the file system with the desirable format:
~ $ mkfs.ext4 /dev/mapper/clv01
Mount device, for example in /mnt/DATA:
~ $ mount /dev/mapper/clv01 /mnt/DATA/
Unmount device safely:
~ $ umount /dev/mapper/clv01 ~ $ cryptsetup luksClose /dev/mapper/clv01