Showing results for tags 'btrfs'.

Found 3 results

  1. Synology officially supports the Btrfs filesystem on all of their NAS devices. The Btrfs filesystem has a lot of advantages over the traditional EXT4 filesystem. The advantages of using the Btrfs filesystem are:

i) Metadata mirroring and increased data availability: The Btrfs filesystem keeps 2 copies of the filesystem metadata on a volume. This allows the Btrfs filesystem to recover data in case the hard drive is damaged or suffers from errors.
ii) File self-healing: The Btrfs filesystem provides checksums for the data and metadata. It verifies the checksums of the data or metadata each time they are accessed. So, any filesystem errors will be detected and the necessary steps will be taken to recover the corrupted files.
iii) Snapshots and data protection: The Btrfs filesystem allows you to take instant snapshots of an entire shared folder. If you accidentally removed important files or folders from a shared folder, you can easily recover them to their earlier state from snapshots.
iv) Low impact, big benefit: Because of the copy-on-write (CoW) architecture of the Btrfs filesystem, a Btrfs snapshot consumes a small amount of disk space. Also, Btrfs snapshots do not impact the filesystem performance very much.
v) Instantaneous snapshots: Because of the copy-on-write (CoW) architecture of the Btrfs filesystem, taking a Btrfs snapshot is an instantaneous process. You also don’t have to worry about files being modified or deleted when a snapshot is being taken.
vi) Frequent, scheduled backup: You can configure a shared folder to take snapshots automatically after a given interval of time without any performance impact on the storage device.
vii) Customizable retention policy: You can configure the number of snapshots you want to keep for each of the shared folders. This way the older unnecessary snapshots are automatically removed.
viii) Self-service recovery: The NAS users can view earlier versions of files and restore them to an earlier state using the File Station app or Windows File Explorer.
ix) Instant SMB/AFP server-side copy: Btrfs fast-clone technology allows the users to copy files between shared folders instantly using the SMB/AFP protocols if the source and destinations are on the same Btrfs volume.
x) Efficient Drive storage: If you use Synology Drive, then file versioning on EXT4 volumes takes double storage space. However, this is not the case for the Btrfs volumes.
xi) Data consistency of backups: When you take a backup of a Btrfs volume, a snapshot is created before starting the backup, and files are copied to the destination from the snapshot. So, you don’t have to worry about files being modified, moved, or deleted while the backup is in progress.
xii) Quotas for shared folders: You can limit the amount of storage space a shared folder can use if the shared folder is created on a Btrfs volume.
xiii) Clone entire shared folders: As Btrfs is a copy-on-write filesystem, you can make an instant clone of an entire shared folder very easily.

In this article, I am going to show you how to create a Btrfs volume and work with Btrfs snapshots on your Synology NAS. So, let us get started.

How to Create a Btrfs Volume?

In this section, I am going to show you how to create a Btrfs volume on your Synology NAS. First, open the Storage Manager app from the Application Menu of your Synology NAS web management GUI. To create a new Btrfs volume, you must have a free storage pool. Here, I have a Storage Pool 4 that has some free space. To create a new volume, navigate to the Volume section of the Storage Manager app and click on Create. From the Volume Creation Wizard, select Custom and click on Next. Select Choose an existing storage pool and click on Next.
Select the storage pool (Storage Pool 4 in my case) where you want to create the volume from the Storage pool dropdown menu and click on Next. Select Btrfs and click on Next. Type in the amount of storage space (in GB unit) you want to allocate to the new volume of your selected storage pool and click on Next. The settings to be used to create the Btrfs volume should be displayed. To create a volume with these settings, click on Apply. A new Btrfs volume is being created. It may take a while to complete. A new Btrfs volume (Volume 5 in my case) should be created, as shown in the screenshot below.

Creating a Shared Folder:

To use the Btrfs volume you have created for storing data, you need to create a shared folder on your Synology NAS. To create a shared folder, click on Shared Folder from the Control Panel app, as marked in the screenshot below. Click on Create. Click on Create. Type in the shared folder name. I will name it btrfs_share. Nonetheless, you can name it anything you want. Select the newly created Btrfs volume (Volume 5 in this case) from the Location dropdown menu, as shown in the screenshot below. Once you are done, click on Next.

If you want to encrypt the shared folder, you can check the Encrypt this shared folder checkbox and type in an encryption key. If you do not want to encrypt the shared folder, you do not have to do anything here. Once you are done with this step, click on Next.

You can configure some advanced settings for the shared folder from here. If you want to perform checksums on the files you store on this shared folder to make sure not a single bit is flipped in any way, check the Enable data checksum for advanced data integrity checkbox. If you enable data checksum, then you can also check the Enable file compression checkbox to compress the files you store on this shared folder automatically.
You can enable quota for this shared folder by checking the Enable shared folder quota checkbox and typing in the amount of storage space (in GB) you want this share to use from your selected volume (Volume 5 in this case). Once you are done, click on Next. The settings to be used to create the shared folder btrfs_share should be displayed. To create a shared folder with these settings, click on Apply. Now, you have to set the necessary permissions for the users you want to give access to this shared folder. Once you are done, click on OK. A new shared folder btrfs_share should be created.

Installing Snapshot Replication:

You can use the official Snapshot Replication app to take, restore, and remove snapshots of your shared folders that you have created on a Btrfs volume. The Snapshot Replication app is not installed by default. But, you can easily install it on your Synology NAS from the Package Center app. First, open the Package Center app from the Main Menu of Synology Web GUI, as marked in the screenshot below. The Package Center app should be opened. Search the keyword snapshot and you will find the Snapshot Replication app, as you can see in the screenshot below. To install the Snapshot Replication app, click on Install, as shown in the screenshot below. The Snapshot Replication app is being installed. It may take a few seconds to complete. At this point, the Snapshot Replication app should be installed. Once the Snapshot Replication app is installed, you can run it from the Main Menu of your Synology Web GUI, as you can see in the screenshot below. Click on OK. The Snapshot Replication app should be ready to use.

Take Btrfs Snapshots of Shared Folders:

To take snapshots of shared folders that were created on Btrfs formatted volumes, navigate to the Snapshots section of the Snapshot Replication app. You should see all the shared folders that support the Btrfs snapshot feature, as shown in the screenshot below.
To take a snapshot of the shared folder btrfs_share, select it and click on the Snapshot drop-down menu, as marked in the screenshot below. Click on Take a Snapshot. Type a description for the snapshot. Once you are done, click on OK. A snapshot of the shared folder btrfs_share should be taken. To see the snapshots you have taken of the shared folder, select it and click on Snapshot > Snapshot List, as marked in the screenshot below. As you can see, the snapshot I have taken earlier on the shared folder btrfs_share is listed.

Restore Shared Folders from Btrfs Snapshots:

In this section, I am going to show you how to restore a shared folder to its earlier state from a snapshot. To demonstrate the process, I have created a new file message.txt in the btrfs_share shared folder with the following content before taking the snapshot in the Take Btrfs Snapshots section of this article. After I have taken a snapshot of the btrfs_share shared folder, I have added a new line to the message.txt file, as you can see in the screenshot below. Let’s recover the shared folder btrfs_share to its earlier state, before adding a new line to the message.txt file in this case.

To recover a shared folder to its earlier state from a snapshot, navigate to the Recovery section of the Snapshot Replication app. The shared folders that you have taken snapshots on should be listed here. To recover the shared folder btrfs_share from a snapshot, select it and click on Recover, as marked in the screenshot below. The available snapshots on the btrfs_share shared folder should be listed, as you can see in the screenshot below. To recover the shared folder btrfs_share from a snapshot, select the snapshot and click on the Action drop-down menu. Click on Restore to this snapshot, as shown in the screenshot below. If you want to take a snapshot of the current state of the shared folder, then check the Take a snapshot before restoring checkbox from the Restore window, as marked in the screenshot below.
If you don’t want to take a snapshot of the current state of the shared folder, then make sure to uncheck the Take a snapshot before restoring checkbox from the Restore window. In this article, I will not take a snapshot of the current state of the shared folder. So, I will keep the Take a snapshot before restoring checkbox unchecked. Once you’ve decided whether you want to take a snapshot of the current state of the shared folder before restoring a shared folder from a snapshot, click on OK. The shared folder is being restored from a snapshot. It may take a few seconds to complete. At this point, the shared folder btrfs_share should be restored from the snapshot. As you can see, the line I have added to the message.txt file is gone. So, the shared folder btrfs_share is restored from the snapshot just fine.

Managing Btrfs Snapshots:

In this section, I am going to show you how to remove and change the description of the snapshots you’ve taken on your shared folders. To manage the snapshots you’ve taken on your shared folders, navigate to the Snapshots section of the Snapshot Replication app. Then, select a shared folder and click on Snapshot > Snapshot List, as marked in the screenshot below to list all the snapshots you’ve taken on that shared folder. As you can see, the snapshot I have taken on the btrfs_share shared folder is listed.

To edit the description of a snapshot you’ve already taken, select the snapshot and click on Edit, as marked in the screenshot below. Type in the new description for the snapshot and click on OK, as marked in the screenshot below. The description of the snapshot should be changed, as you can see in the screenshot below.

To remove a snapshot, select it and click on Remove, as marked in the screenshot below. To confirm the removal operation, click on Delete, as marked in the screenshot below. The snapshot should be removed, as you can see in the screenshot below.
Browsing Shared Folders Using Btrfs Snapshots:

You can browse an earlier state of your shared folders using their respective Btrfs snapshots. This feature of the Btrfs filesystem will let you browse older versions of the files of the shared folders using the Btrfs snapshots you’ve taken on these shared folders. To browse shared folders using their respective Btrfs snapshots, you have to enable it. To enable this feature, select a shared folder (btrfs_share let’s say) from the Snapshots section of the Snapshot Replication app and click on Settings, as marked in the screenshot below. From the Settings window, navigate to the Advanced tab, check the Make snapshot visible checkbox, and click on OK. The feature should be enabled for your selected shared folder (btrfs_share in my case).

Now, select the shared folder for which you have enabled the snapshot browse feature (btrfs_share in this case) and click on the Snapshots drop-down menu, as marked in the screenshot below. Click on Snapshot List, as marked in the screenshot below. All the snapshots you have taken on the shared folder btrfs_share should be listed. To demonstrate the snapshot browse feature, I have taken 2 snapshots: snapshot 1 and snapshot 2, as shown below. Each of the snapshots has a different version of the message.txt file.

To browse the contents of the snapshot 1 snapshot, select it from the list and click on Browse. The File Station app should open the shared folder in the state at which you have taken the snapshot 1 snapshot. You can see the contents of the message.txt file from the snapshot 1 snapshot. To browse the contents of the snapshot 2 snapshot in the same way, select it from the list and click on Browse. The File Station app should open the shared folder in the state at which you have taken the snapshot 2 snapshot. You can see the contents of the message.txt file from the snapshot 2 snapshot. The contents of the message.txt file are different from what they were in the snapshot 1 snapshot.
So, the snapshot browse feature is working fine.

Configuring Synology NAS to Take Automatic Snapshots of Shared Folders:

You can configure your Synology NAS to take snapshots of your shared folders automatically at a given interval using the Snapshot Replication app. To configure your Synology NAS to take automatic snapshots of the shared folder btrfs_share (let’s say), select it from the Snapshots section of the Snapshot Replication app and click on Settings, as marked in the screenshot below. From the Schedule tab of the Settings window, check the Enable snapshot schedule checkbox, as marked in the screenshot below.

Once snapshot scheduling is enabled, you can configure the interval of the snapshot from the Schedule tab of the Settings window. For example, you can configure whether you want to take a snapshot of the shared folder daily or on a specific day of the week. You can also configure the time of the day at which the snapshot will be taken. You can configure the frequency (whether you want to take a snapshot every day or after every desired hour or minutes interval) of the snapshot as well.

You can configure the retention policy of the snapshots (the number of snapshots you want to keep) from the Retention tab of the Settings window. By default, all the snapshots that the Synology NAS will take are retained (kept). To keep only a number of the latest snapshots and remove the older ones, select the Specify the number of latest snapshots to retain option and type in the number of snapshots you want to keep, as shown in the screenshot below. You can configure when the Synology NAS will remove older snapshots using the Choose when to delete snapshots drop-down menu. Once you’re done, click on OK. To confirm the snapshot schedule and retention policy, click on OK. The shared folders you have configured to take automatic snapshots will show the Scheduled mark in the Snapshots section of the Snapshot Replication app, as you can see in the screenshot below.
It means that the shared folder is configured to take snapshots automatically.

Conclusion:

In this article, I have shown you how to create a Btrfs volume and a shared folder on your Synology NAS. Also, I included the process of installing the Snapshot Replication app on your Synology NAS to manage Btrfs snapshots. I have also shown you how to take Btrfs snapshots of your shared folders and restore your shared folders to an earlier state from a Btrfs snapshot. Finally, I have shown you how to browse shared folders using Btrfs snapshots and configure the Synology NAS to take snapshots of your shared folders automatically.
  2. Like any other filesystem, the Btrfs filesystem has a lot of mount options that you can use to configure the Btrfs filesystem’s behavior while mounting the filesystem. This article will show you how to mount a Btrfs filesystem with your desired mount options. I will explain some of the useful Btrfs mount options as well. So, let’s get started.

Abbreviations

ACL – Access Control List
RAID – Redundant Array of Independent/Inexpensive Disks
UUID – Universally Unique Identifier

Where to Put Btrfs Mount Options

You can mount a Btrfs filesystem using the mount command-line program or the /etc/fstab file at boot time. You can configure the behavior of the Btrfs filesystem using mount options. In this section, I am going to show you how to mount a Btrfs filesystem using different mount options:

  • from the command-line
  • using the /etc/fstab file

From the command-line, you can mount a Btrfs filesystem (created on the sdb storage device) on the /data directory with the mount options option1, option2, option3, etc. as follows:

    $ sudo mount -o option1,option2,option3,… /dev/sdb /data

To mount the same Btrfs filesystem at boot time using the /etc/fstab file, you need to find the UUID of the Btrfs filesystem. You can find the UUID of the Btrfs filesystem with the following command:

    $ sudo blkid --match-token TYPE=btrfs

As you can see, the UUID of the Btrfs filesystem created on the sdb storage device is c69a889a-8fd2-4571-bd97-a3c2e4543b6b. Open the /etc/fstab file with the following command:

    $ sudo nano /etc/fstab

To automatically mount the Btrfs filesystem that has the UUID c69a889a-8fd2-4571-bd97-a3c2e4543b6b on the /data directory with the mount options option1,option2,option3, etc., add the following line at the end of the /etc/fstab file.

    UUID=c69a889a-8fd2-4571-bd97-a3c2e4543b6b /data btrfs option1,option2,option3,… 0 0

Once you’re done, press <Ctrl> + X followed by Y and <Enter> to save the /etc/fstab file.
Your Btrfs filesystem should be mounted with your desired mount options.

Important Btrfs Mount Options

In this section, I am going to explain some of the important Btrfs mount options. So, let’s get started. The most important Btrfs mount options are:

1. acl and noacl

ACL manages user and group permissions for the files/directories of the Btrfs filesystem. The acl Btrfs mount option enables ACL. To disable ACL, you can use the noacl mount option. By default, ACL is enabled. So, the Btrfs filesystem uses the acl mount option by default.

2. autodefrag and noautodefrag

Defragmenting a Btrfs filesystem will improve the filesystem’s performance by reducing data fragmentation. The autodefrag mount option enables automatic defragmentation of the Btrfs filesystem. The noautodefrag mount option disables automatic defragmentation of the Btrfs filesystem. By default, automatic defragmentation is disabled. So, the Btrfs filesystem uses the noautodefrag mount option by default.

3. compress and compress-force

These options control the filesystem-level data compression of the Btrfs filesystem. The compress option compresses only the files that are worth compressing (if compressing the file saves disk space). The compress-force option compresses every file of the Btrfs filesystem even if compressing the file increases its size. The Btrfs filesystem supports many compression algorithms, and each compression algorithm has different levels of compression. The Btrfs supported compression algorithms are: lzo, zlib (level 1 to 9), and zstd (level 1 to 15). You can specify what compression algorithm to use for the Btrfs filesystem with one of the following mount options:

    compress=algorithm:level
    compress-force=algorithm:level

For more information, check my article How to Enable Btrfs Filesystem Compression.

4. subvol and subvolid

These mount options are used to separately mount a specific subvolume of a Btrfs filesystem.
The subvol mount option is used to mount the subvolume of a Btrfs filesystem using its relative path. The subvolid mount option is used to mount the subvolume of a Btrfs filesystem using the ID of the subvolume. For more information, check my article How to Create and Mount Btrfs Subvolumes.

5. device

The device mount option is used in a multi-device Btrfs filesystem or Btrfs RAID. In some cases, the operating system may fail to detect the storage devices used in a multi-device Btrfs filesystem or Btrfs RAID. In such cases, you can use the device mount option to specify the devices that you want to use for the Btrfs multi-device filesystem or RAID. You can use the device mount option multiple times to load different storage devices for the Btrfs multi-device filesystem or RAID. You can use the device name (i.e., sdb, sdc) or UUID, UUID_SUB, or PARTUUID of the storage device with the device mount option to identify the storage device. For example,

    device=/dev/sdb
    device=/dev/sdb,device=/dev/sdc
    device=UUID_SUB=490a263d-eb9a-4558-931e-998d4d080c5d
    device=UUID_SUB=490a263d-eb9a-4558-931e-998d4d080c5d,device=UUID_SUB=f7ce4875-0874-436a-b47d-3edef66d3424

6. degraded

The degraded mount option allows a Btrfs RAID to be mounted with fewer storage devices than the RAID profile requires. For example, the raid1 profile requires 2 storage devices to be present. If one of the storage devices is not available for any reason, you can use the degraded mount option to mount the RAID even though only 1 out of 2 storage devices is available.

7. commit

The commit mount option is used to set the interval (in seconds) within which the data will be written to the storage device. The default is set to 30 seconds. To set the commit interval to 15 seconds, you can use the mount option commit=15 (let’s say).

8. ssd and nossd

The ssd mount option tells the Btrfs filesystem that the filesystem is using an SSD storage device, and the Btrfs filesystem does the necessary SSD optimization.
The nossd mount option disables SSD optimization. The Btrfs filesystem automatically detects whether an SSD is used for the Btrfs filesystem. If an SSD is used, the ssd mount option is enabled. Otherwise, the nossd mount option is enabled.

9. ssd_spread and nossd_spread

The ssd_spread mount option tries to allocate big continuous chunks of unused space from the SSD. This feature improves the performance of low-end (cheap) SSDs. The nossd_spread mount option disables the ssd_spread feature. The Btrfs filesystem automatically detects whether an SSD is used for the Btrfs filesystem. If an SSD is used, the ssd_spread mount option is enabled. Otherwise, the nossd_spread mount option is enabled.

10. discard and nodiscard

If you’re using an SSD that supports asynchronous queued TRIM (SATA rev3.1), then the discard mount option will enable the discarding of freed file blocks. This will improve the performance of the SSD. If the SSD does not support asynchronous queued TRIM, then the discard mount option will degrade the SSD’s performance. In that case, the nodiscard mount option should be used. By default, the nodiscard mount option is used.

11. norecovery

If the norecovery mount option is used, the Btrfs filesystem will not try to perform the data recovery operation at mount time.

12. usebackuproot and nousebackuproot

If the usebackuproot mount option is used, the Btrfs filesystem will try to recover any bad/corrupted tree root at mount time. The Btrfs filesystem may store multiple tree roots in the filesystem. The usebackuproot mount option will scan for a good tree root and use the first good one it finds. The nousebackuproot mount option will not check or recover bad/corrupted tree roots at mount time. This is the default behavior of the Btrfs filesystem.

13. space_cache, space_cache=version, nospace_cache, and clear_cache

The space_cache mount option is used to control the free space cache.
Free space cache is used to improve the performance of reading the block group free space of the Btrfs filesystem into memory (RAM). The Btrfs filesystem supports 2 versions of the free space cache: v1 (default) and v2. The v2 free space caching mechanism improves the performance of big filesystems (multi terabytes in size). You can use the mount option space_cache=v1 to set the v1 of the free space cache and the mount option space_cache=v2 to set the v2 of the free space cache.

The clear_cache mount option is used to clear the free space cache. Once the v2 free space cache has been created, the cache must be cleared before a v1 free space cache can be created. So, to use the v1 free space cache after the v2 free space cache is created, the clear_cache and space_cache=v1 mount options must be combined:

    clear_cache,space_cache=v1

The nospace_cache mount option is used to disable free space caching. To disable the free space caching after the v1 or v2 cache is created, the nospace_cache and clear_cache mount options must be combined:

    clear_cache,nospace_cache

14. skip_balance

By default, an interrupted/paused balance operation of a multi-device Btrfs filesystem or Btrfs RAID will be automatically resumed once the Btrfs filesystem is mounted. To disable automatic resuming of an interrupted/paused balance operation on a multi-device Btrfs filesystem or Btrfs RAID, you can use the skip_balance mount option.

15. datacow and nodatacow

The datacow mount option enables the Copy-on-Write (CoW) feature of the Btrfs filesystem. It is the default behavior. If you want to disable the Copy-on-Write (CoW) feature of the Btrfs filesystem for the newly created files, mount the Btrfs filesystem with the nodatacow mount option.

16. datasum and nodatasum

The datasum mount option enables data checksumming for newly created files of the Btrfs filesystem. This is the default behavior.
If you don’t want the Btrfs filesystem to checksum the data for newly created files, mount the Btrfs filesystem with the nodatasum mount option.

Conclusion

This article has shown you how to mount a Btrfs filesystem with your desired mount options. I have explained some of the useful Btrfs mount options as well.
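
As an added example (not part of the original article), the shell functions below read fstab-format lines and report btrfs entries that use nodatasum, nodatacow or degraded, and check compress and compress-force values against the algorithms and level ranges listed above. The function names, devices and mount points other than /data are made up for illustration.

```sh
#!/bin/sh
# Added example, not from the article: review the btrfs lines of an
# fstab-format file read from stdin.

# check_compress SPEC: SPEC is the text after "compress=" or "compress-force=".
# Prints a message when SPEC does not fit the algorithms and level ranges the
# article lists (lzo; zlib 1 to 9; zstd 1 to 15); prints nothing otherwise.
check_compress() {
    cc_algo=${1%%:*}
    cc_level=
    case $1 in *:*) cc_level=${1#*:} ;; esac
    case $cc_algo in
        lzo)  cc_max=0 ;;
        zlib) cc_max=9 ;;
        zstd) cc_max=15 ;;
        *)    echo "unknown compression algorithm '$cc_algo'"; return 0 ;;
    esac
    if [ -z "$cc_level" ]; then
        return 0
    fi
    case $cc_level in
        *[!0-9]*) echo "compression level '$cc_level' is not a number"; return 0 ;;
    esac
    if [ "$cc_max" -eq 0 ]; then
        echo "the article lists no levels for lzo"
    elif [ "$cc_level" -lt 1 ] || [ "$cc_level" -gt "$cc_max" ]; then
        echo "$cc_algo level $cc_level is outside 1..$cc_max"
    fi
    return 0
}

# audit_btrfs_fstab: prints one finding per line as "mountpoint: option: note".
audit_btrfs_fstab() {
    # fstab fields: device, mount point, type, options, dump, pass
    while read -r fs_dev fs_mnt fs_type fs_opts fs_rest; do
        case $fs_dev in ''|'#'*) continue ;; esac
        if [ "$fs_type" != btrfs ]; then continue; fi
        # One option per line via tr, so no IFS changes and no globbing
        printf '%s\n' "$fs_opts" | tr ',' '\n' | while read -r opt; do
            case $opt in
                nodatasum) echo "$fs_mnt: nodatasum: new files get no data checksums" ;;
                nodatacow) echo "$fs_mnt: nodatacow: copy-on-write is off for new files" ;;
                degraded)  echo "$fs_mnt: degraded: mounts even when a RAID device is missing" ;;
                compress=*|compress-force=*)
                    msg=$(check_compress "${opt#*=}")
                    if [ -n "$msg" ]; then echo "$fs_mnt: $opt: $msg"; fi ;;
            esac
        done
    done
    return 0
}

# Constructed sample input: the UUID is the one used in the article, the
# other devices and mount points are invented.
sample_fstab() {
    cat <<'EOF'
# <device>                                <dir>    <type> <options>                  <dump> <pass>
UUID=c69a889a-8fd2-4571-bd97-a3c2e4543b6b /data    btrfs  defaults,compress=zstd:3   0 0
/dev/sdc                                  /scratch btrfs  nodatacow,nodatasum        0 0
/dev/sdd                                  /backup  btrfs  compress=zlib:12           0 0
/dev/sda1                                 /        ext4   defaults                   0 1
/dev/sde                                  /raid    btrfs  degraded,compress-force=lz4 0 0
EOF
}

sample_fstab | audit_btrfs_fstab
```

To review a real system, feed it the file directly: audit_btrfs_fstab < /etc/fstab.
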
  3. The Btrfs filesystem-level encryption feature is still not available. But you can use a third-party encryption tool like dm-crypt to encrypt the entire storage devices of your Btrfs filesystem. In this article, I am going to show you how to encrypt the storage devices added to a Btrfs filesystem with dm-crypt. So, let’s get started.

Abbreviations

LUKS – Linux Unified Key Setup
HDD – Hard Disk Drive
SSD – Solid-State Drive

Prerequisites

To follow this article:

  • You must be running either Fedora 33 Workstation or Ubuntu 20.04 LTS Linux distribution on your computer.
  • You must have a free HDD/SSD on your computer.

As you can see, I have an HDD sdb on my Ubuntu 20.04 LTS machine. I will encrypt it and format it with the Btrfs filesystem.

    $ sudo lsblk -e7

Installing Required Packages on Ubuntu 20.04 LTS

To encrypt storage devices and format them with the Btrfs filesystem, you need to have the btrfs-progs and cryptsetup packages installed on your Ubuntu 20.04 LTS machine. Luckily, these packages are available in the official package repository of Ubuntu 20.04 LTS. First, update the APT package repository cache with the following command:

    $ sudo apt update

To install btrfs-progs and cryptsetup, run the following command:

    $ sudo apt install btrfs-progs cryptsetup --install-suggests

To confirm the installation, press Y and then press <Enter>. The btrfs-progs and cryptsetup packages and their dependencies are being installed. The btrfs-progs and cryptsetup packages should be installed at this point.

Installing Required Packages on Fedora 33

To encrypt storage devices and format them with the Btrfs filesystem, you need to have the btrfs-progs and cryptsetup packages installed on your Fedora 33 Workstation machine. Luckily, these packages are available in the official package repository of Fedora 33 Workstation.
First, update the DNF package repository cache with the following command:

    $ sudo dnf makecache

To install btrfs-progs and cryptsetup, run the following command:

    $ sudo dnf install btrfs-progs cryptsetup -y

Fedora 33 Workstation uses the Btrfs filesystem by default. So, it’s more likely that you will have these packages installed already, as you can see in the screenshot below. If for some reason, they are not installed, they will be installed.

Generating an Encryption Key

Before you can encrypt your storage devices with cryptsetup, you need to generate a 64-byte random key. You can generate your encryption key and store it in the /etc/cryptkey file with the following command:

    $ sudo dd if=/dev/urandom of=/etc/cryptkey bs=64 count=1

A new encryption key should be generated and stored in the /etc/cryptkey file. The encryption key file /etc/cryptkey can be read by everyone by default, as you can see in the screenshot below. This is a security risk. We want only the root user to be able to read/write to the /etc/cryptkey file.

    $ ls -lh /etc/cryptkey

To allow only the root user to read/write to the /etc/cryptkey file, change the file permissions as follows:

    $ sudo chmod -v 600 /etc/cryptkey

As you can see, only the root user has read/write (rw) permission to the /etc/cryptkey file. So, no one else can see what’s in the /etc/cryptkey file.

    $ ls -lh /etc/cryptkey

Encrypting the Storage Devices with dm-crypt

Now that you have generated an encryption key, you can encrypt your storage device (let’s say, sdb) with the LUKS v2 (version 2) disk encryption technology as follows:

    $ sudo cryptsetup -v --type luks2 luksFormat /dev/sdb /etc/cryptkey

cryptsetup will prompt you to confirm the encryption operation.

NOTE: All the data on your HDD/SSD will be removed. So, make sure to move all of your important data before you attempt to encrypt your HDD/SSD.

To confirm the disk encryption operation, type in YES (in uppercase) and press <Enter>. It may take a while to complete.
At this point, the storage device /dev/sdb should be encrypted with the encryption key /etc/cryptkey.

Opening Encrypted Storage Devices

Once you’ve encrypted a storage device with cryptsetup, you need to open it with the cryptsetup tool to be able to use it. You can open the encrypted storage device sdb and map it to your computer as a data storage device as follows:

    $ sudo cryptsetup open --key-file=/etc/cryptkey --type luks2 /dev/sdb data

Now, the decrypted storage device will be available in the path /dev/mapper/data. You have to create your desired filesystem in the /dev/mapper/data device and mount the /dev/mapper/data device instead of /dev/sdb from now on.

Creating Btrfs Filesystem on Encrypted Devices:

To create a Btrfs filesystem on the decrypted storage device /dev/mapper/data with the label data, run the following command:

    $ sudo mkfs.btrfs -L data /dev/mapper/data

A Btrfs filesystem should be created on the /dev/mapper/data storage device, which is decrypted from the storage device /dev/sdb (encrypted with LUKS 2).

Mounting Encrypted Btrfs Filesystem

You can mount the Btrfs filesystem you have created earlier as well. Let’s say, you want to mount the Btrfs filesystem you’ve created earlier in the /data directory. So, create the /data directory as follows:

    $ sudo mkdir -v /data

To mount the Btrfs filesystem created on the /dev/mapper/data storage device in the /data directory, run the following command:

    $ sudo mount /dev/mapper/data /data

As you can see, the Btrfs filesystem created on the encrypted storage device sdb is mounted in the /data directory.

    $ sudo btrfs filesystem show /data

Automatically Mounting Encrypted Btrfs Filesystem at Boot-Time

You can mount the encrypted Btrfs filesystem at boot time as well.
To mount the encrypted Btrfs filesystem at boot time, you need to:

  • decrypt the storage device /dev/sdb at boot time using the /etc/cryptkey encryption key file
  • mount the decrypted storage device /dev/mapper/data to the /data directory

First, find the UUID of the sdb encrypted storage device with the following command:

    $ sudo blkid /dev/sdb

As you can see, the UUID of the sdb encrypted storage device is 1c66b0de-b2a3-4d28-81c5-81950434f972. It will be different for you. So, make sure to change it with yours from now on.

To automatically decrypt the sdb storage device at boot time, you have to add an entry for it on the /etc/crypttab file. Open the /etc/crypttab file with the nano text editor as follows:

    $ sudo nano /etc/crypttab

Add the following line at the end of the /etc/crypttab file if you’re using an HDD.

    data UUID=1c66b0de-b2a3-4d28-81c5-81950434f972 /etc/cryptkey luks,noearly

Add the following line at the end of the /etc/crypttab file if you’re using an SSD.

    data UUID=1c66b0de-b2a3-4d28-81c5-81950434f972 /etc/cryptkey luks,noearly,discard

Once you’re done, press <Ctrl> + X, followed by Y, and <Enter> to save the /etc/crypttab file.

Now, find the UUID of the decrypted /dev/mapper/data storage device with the following command:

    $ sudo blkid /dev/mapper/data

As you can see, the UUID of the /dev/mapper/data decrypted storage device is dafd9d61-bdc9-446a-8b0c-aa209bfab98d. It will be different for you. So, make sure to change it with yours from now on.

To automatically mount the decrypted storage device /dev/mapper/data in the /data directory at boot time, you have to add an entry for it on the /etc/fstab file. Open the /etc/fstab file with the nano text editor as follows:

    $ sudo nano /etc/fstab

Now, add the following line at the end of the /etc/fstab file:

    UUID=dafd9d61-bdc9-446a-8b0c-aa209bfab98d /data btrfs defaults 0 0

Once you’re done, press <Ctrl> + X, followed by Y, and <Enter> to save the /etc/fstab file.
Finally, reboot your computer for the changes to take effect.

    $ sudo reboot

The encrypted storage device sdb is decrypted into a data storage device, and the data storage device is mounted in the /data directory.

    $ sudo lsblk -e7

As you can see, the Btrfs filesystem, which was created on the decrypted /dev/mapper/data storage device, is mounted in the /data directory.

    $ sudo btrfs filesystem show /data

Conclusion

In this article, I have shown you how to encrypt a storage device using the LUKS 2 encryption technology with cryptsetup. You have also learned how to decrypt the encrypted storage device and format it with the Btrfs filesystem, as well as how to automatically decrypt the encrypted storage device and mount it at boot time. This article should help you get started with Btrfs filesystem encryption.
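
An added example, not part of the original article: make_keyfile creates the key file with restrictive permissions from the moment it exists, instead of correcting them with chmod afterwards, and audit_crypttab checks the key files referenced by crypttab-format lines such as the ones above. The function names, the temporary paths and the all-zero UUID are made up for illustration, and GNU coreutils stat is assumed.

```sh
#!/bin/sh
# Added example, not from the article. Assumes GNU coreutils stat (-c, -L),
# as found on the Ubuntu and Fedora systems the article targets.

# make_keyfile PATH: write a 64-byte random key that is mode 600 as soon as
# the file exists. umask 077 closes the window in which a key written by a
# plain dd stays world-readable until chmod runs; noclobber (set -C) refuses
# to overwrite a key that may already unlock a device.
make_keyfile() {
    (
        umask 077
        set -C
        dd if=/dev/urandom bs=64 count=1 2>/dev/null >"$1"
    )
}

# audit_crypttab [UID]: reads crypttab-format lines on stdin and prints one
# finding per key file that is missing, readable by group or others, or not
# owned by UID (default 0, root).
audit_crypttab() {
    ac_uid=${1:-0}
    # crypttab fields: mapped name, source device, key file, options
    while read -r ac_name ac_src ac_key ac_opts; do
        case $ac_name in ''|'#'*) continue ;; esac
        # no key file at all, or a device node such as /dev/urandom
        case $ac_key in ''|none|-|/dev/*) continue ;; esac
        if [ ! -f "$ac_key" ]; then
            echo "$ac_name: key file $ac_key is missing or not a regular file"
            continue
        fi
        ac_stat=$(stat -L -c '%a %u' "$ac_key")
        ac_mode=${ac_stat% *}
        ac_owner=${ac_stat#* }
        case $ac_mode in
            0|*00) ;;   # no permission bits for group or others
            *) echo "$ac_name: key file $ac_key has mode $ac_mode, group/others must have no access" ;;
        esac
        if [ "$ac_owner" != "$ac_uid" ]; then
            echo "$ac_name: key file $ac_key is owned by uid $ac_owner, expected $ac_uid"
        fi
    done
    return 0
}

# Constructed demonstration in a temporary directory; nothing under /etc is
# touched. The first UUID is the one from the article, the second is a
# placeholder.
demo_crypttab_audit() {
    d=$(mktemp -d) || return 1
    make_keyfile "$d/cryptkey"
    # What a plain dd leaves behind under a typical umask of 022: mode 644
    ( umask 022; dd if=/dev/urandom of="$d/loosekey" bs=64 count=1 2>/dev/null )
    cat >"$d/crypttab" <<EOF
data   UUID=1c66b0de-b2a3-4d28-81c5-81950434f972 $d/cryptkey luks,noearly
backup UUID=00000000-0000-0000-0000-000000000000 $d/loosekey luks,noearly
EOF
    # The demo files belong to the current user, so pass that uid; on a real
    # system run "audit_crypttab < /etc/crypttab" as root to expect uid 0.
    audit_crypttab "$(id -u)" <"$d/crypttab"
    rm -rf "$d"
}

demo_crypttab_audit
```
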