2. Finish the USB stick
Automount the USB stick
Since we want the USB stick to be automatically mounted we need to create a directory for it to be mounted to and an entry in /etc/fstab.
First, create the directory with this command:
sudo mkdir /media/usbkeyfiles
Second, open the /etc/fstab file with vim
sudo vim /etc/fstab
and add the following line (see debian help for more information)
/dev/usbkeyfiles /media/usbkeyfiles ext2 user,suid,dev,users,exec 0 0
Unplug and replug the USB stick to test the automount.
Create the key file
Now we can create the key file that will be used to unlock our EHD.
First, create a directory on the USB stick to store the key file in:
sudo mkdir /media/usbkeyfiles/keyfiles
Then, make this directory only accessible for the root user (the reason why we needed a Linux file system on the USB stick):
sudo chmod 0700 /media/usbkeyfiles/keyfiles
Finally, create the key file (1024*4=4096 bits):
sudo dd if=/dev/urandom of=/media/usbkeyfiles/keyfiles/usbcrypthd.keyfile bs=1024 count=4
Leave the USB stick plugged in and mounted, we need it shortly again.