Okay, let's run through the manual process of using this device. First, we'll open it. We'll run sudo cryptsetup luksOpen/dev/sdb and opt here and that is the virtual block device name that will be created in /dev/mapper. Now it's asking for the passphrase for this device and we'll go ahead and supply that. Okay, it created our device file. So now we'll just go ahead and mount it, mount it on opt and then we can look and opt and you can see that the hello text file is there from earlier. Once you're done, you can go ahead and unmount the device. And finally, we need to close the encrypted device. We'll do this by running sudo cryptsetup luksClose and then we'll give the name of the device. And you can see that the virtual block device has been removed from /dev/mapper. We've been talking about using block devices that you have direct access to but what if you're in an environment where that's not the case, for example some cloud providers don't give you block level access to volumes. In this case, you would use a file as the device that you encrypt. Let's start off by creating a non sparse file. I'm going to run strings on that and that should pull out any string data from that file but it's really just an empty file at this point. So if you want to be more secure write random data to that file. So here's how to do that. I would use the dd command. if stands before input file, we'll use dev/urandom, of is output file. We'll use data/opt, bs is a bite size. We'll use a bite-size size of one megabyte, and then we'll just use a count of 100. So 100 times one megabyte would be 100 megabytes in size. So I'll run this command here and this command will take a little bit since the random data has to be generated before it could be written to the file. So now we'll go ahead and run the same command here on that file. And then now you can see that there's a lot of random data in that file. From here, the rest of the process is really the same. We'll go ahead and use LUKS format on this file just like it was a regular block device. Now that it's initialized, I'll go ahead and open it. Again, supplying the name that we want to use as the virtual block device. Go ahead and create a file system on that and now we can mount that. Let's go ahead and look at that mount point there and you can see that it's founded on /dev/mapper/opt and let's look at the block devices here and let's specifically look at the crypto one here. You can see that the file is being accessed through dev loop zero which is a loop back device that allows files to be treated like a block device.