First, RTFM (see Reading List, below).
Second, set up the encrypted filesystem with Yast. I followed these instructions from the openSUSE 12.3 Security Guide:
So far, so good.
Third, mount the encrypted filesystem on a computer (the same one or a different one). For this, we use the cryptsetup and mount commands like so:
# cryptsetup luksOpen /dev/sdb1 foobar [enter passphrase] # mount /dev/mapper/foobar /mnt/foobarIn the above example,
/dev/sdb1is the device name assigned by udev and
foobaris the mapping name. (Read the cryptsetup manpage for details.) A very straightforward way of determining the device name is the
blkidcommand. For example, on one of my systems the output looks like this:
# blkid /dev/sda1: UUID="396cff33-92df-4b1b-8cb0-7845cac9ce3a" TYPE="swap" /dev/sda2: UUID="c993ad9f-6ace-436e-a494-da510a304823" TYPE="ext4" /dev/sda3: UUID="ce63f32c-47b1-4400-931f-8bf7d38bdb45" TYPE="ext4" /dev/sdb1: UUID="86036694-0ff0-4d5e-8889-319b8158d574" TYPE="crypto_LUKS" /dev/sdb2: UUID="aa9e5e0f-42f7-433d-ba27-72ad361f5f40" TYPE="xfs"As you can easily see, in this case
/dev/sdb1is the only encrypted filesystem currently seen by the Linux kernel.
Fourth, unmount it when you're done:
# umount /dev/mapper/foobar # cryptsetup remove foobar