LUKS2-Nuke is a security-focused enhancement for systems using LUKS2 disk encryption. This script automatically modifies sensitive data and securely wipes the encrypted partition after five consecutive failed decryption attempts, offering an extra layer of protection in case of brute-force attacks or unauthorized access attempts.
⚠️ Warning: There is no way to recover your data after 5 incorrect password attempts. Use with extreme caution. No backups. No recovery. Nuke means nuke
⚠️ Warning: Even top-tier intelligence agencies like the FBI and CIA, with billion-dollar budgets, cannot recover your data without your cooperation. Once the wipe is triggered, your data is permanently destroyed — no backdoors, no recovery.
- 🚫 Auto-nuke on 5 failed decryption attempts
- 🔄 Data modification prior to destruction
- 🔐 Enhanced LUKS2 Security using cryptsetup hooks
- 🧹 Secure wipe using
shredordd - 🛡️ Tamper-proof mechanism for privacy-critical devices
- Linux (Debian, Arch, Fedora, etc.)
- LUKS2 encryption enabled
cryptsetup2.1+- Root privileges
- Monitors incorrect decryption attempts at boot.
- After 5 failed attempts, triggers a custom
cryptsetuphook. - The hook executes a secure wipe of the LUKS2 partition.
- The system is rendered unrecoverable with zero chance of data recovery.
Note: This modifies boot and initramfs behavior. Proceed only if you're experienced with Linux boot internals.
git clone https://github.com/Pushpenderrathore/LUKS2-nuke.git
cd LUKS2-nuke
sudo ./install.sh