Hello,

I am quite new to linux (Ubuntu) and wish to use encrypted drives. I already use LUKS encrypted disks, that's great.
I have a question regarding full disk encryption.

I tried to find an answer in the doc... "rtfm" did not solve it, neither did some asking on IRC channels (answers like "no that's bad!", with no further explanation as why "no" weren't just convincing enough... ;-)   ).

The case :
I want to encrypt a full USB disk and my question is : is it mandatory to have a partition existing on the device and to luskformat the partition? In other words, is it OK to luksformat the full device, without mentionning any partition? Is it off "standards"?

In fact, I tried to encrypt a full disk using something like :
sudo cryptsetup luksFormat -c aes-xts-plain -h whirlpool -s 512 /dev/sdx
x being the device, without mentioning a partition.

That apparently works perfectly well, the full device is then encrypted and can be formatted as ext4 or whatever I want it to be formatted to. I can mount it and use it.
No partition is seen on the device when inserted without decrypting, good.

I would like to know if this could cause some side effects, as I don't encrypt a partition but directly the device itself.

Being cautious, I did create a partition for now... and did encrypt this one. The partition using the full disk...
sudo cryptsetup luksFormat -c aes-xts-plain -h whirlpool -s 512 /dev/sde1 (for example)

For my own knowledge I would really appreciate to know if it would be OK to luksformat a full device, without using partitions. And most of all I would like to know why (whatever yes or no the answer could be! )

Maybe is this question related to the linux "philosophy" and devices architecture that still isn't fully natural for me for now as I am an ex-Windows user, but I'm learning and happy to do so! :-)

Hope you can help!
Best regards,

Patrick