HOWTO: Encrypt The System Manually Upon Installation (Ubuntu 8.04) - Page 4

Step 7: Set the encrypted devices up

Afterwards we end in the main partitioning menu again. You can see that we have two new devices there. We need to set those up now and start with the root partition:

Set the properties according to this. Make sure to select "/" as mount point.

We end up again in the main partition menu and select now the home partition:

Set the properties according to this. Make sure to select "/home" as mount point.

 

Step 8: Finish the partitioner

For the last time we are now in the partitioner main menu. Select finish partitioning and write changes to disk:

You will get then a warning about swap. Just ignore it and go on:

Write changes to disk and the let install continue:

 

Step 9: Enable swap and setup key unlocking of /home

Now after the system has finished installed, start it. You will be prompted to enter the crypto password twice. Once for the root partition and then a bit later for the /home partition. Once the computer has booted up run the commands

df -l
sudo fdisk -l

You should get an output similar to this one:

Enabling swap is pretty simple. You first need to edit the crypttab:

sudo nano /etc/crypttab

and there you need to add a line like this:

cswap	/dev/sda2	/dev/urandom	swap

Save and close it with ctrl-x (follow the instructions) and then open

sudo nano /etc/fstab

and add this line:

/dev/mapper/cswap	none	swap	sw	0	0

So, if you don't want to enter the password twice for unlocking the root and the home partition, follow this guide here: https://www.howtoforge.com/automatically-unlock-luks-encrypted-drives-with-a-keyfile

After you set that up accordingly, you can reboot and then you will have to enter the password only once and you will also have an encrypted swap at your disposal. Enjoy!

Share this page:

1 Comment(s)