add lmde4-custom-partitions-disk-encryption
This commit is contained in:
parent
c8799ea263
commit
30ee991649
@ -1,7 +1,11 @@
|
|||||||
|
---
|
||||||
|
title: "Home"
|
||||||
|
authors: ["trent"]
|
||||||
|
---
|
||||||
# Trent's Blog
|
# Trent's Blog
|
||||||
|
|
||||||
## **Posts By Date**
|
## **Posts By Date**
|
||||||
|
|
||||||
|
* [2020-12-15: LMDE4 Custom Partitions Disk Encryption](posts/linux-move-cursor-with-keyboard){target=_blank}
|
||||||
* [2020-06-21: Linux Move Cursor With Keyboard](posts/linux-move-cursor-with-keyboard){target=_blank}
|
* [2020-06-21: Linux Move Cursor With Keyboard](posts/linux-move-cursor-with-keyboard){target=_blank}
|
||||||
* [2019-05-12: Simplified Raspberry Streaming](posts/simplified-raspberry-streaming){target=_blank}
|
* [2019-05-12: Simplified Raspberry Streaming](posts/simplified-raspberry-streaming){target=_blank}
|
||||||
* [2019-04-13: Clear Linux Encrypted xfs Root](posts/clear-linux-encrypted-xfs-root){target=_blank}
|
* [2019-04-13: Clear Linux Encrypted xfs Root](posts/clear-linux-encrypted-xfs-root){target=_blank}
|
||||||
@ -9,3 +13,7 @@
|
|||||||
* [2019-02-11: Faster Partitioning With sgdisk](posts/faster-partitioning-with-sgdisk){target=_blank}
|
* [2019-02-11: Faster Partitioning With sgdisk](posts/faster-partitioning-with-sgdisk){target=_blank}
|
||||||
* [2019-01-25: LMDE3 xfs Full Disk Encryption](posts/lmde3-xfs-full-disk-encryption){target=_blank}
|
* [2019-01-25: LMDE3 xfs Full Disk Encryption](posts/lmde3-xfs-full-disk-encryption){target=_blank}
|
||||||
* [2019-01-25: Rewrite Hugo Themes Report in Python](posts/rewrite-hugo-themes-report-in-python){target=_blank}
|
* [2019-01-25: Rewrite Hugo Themes Report in Python](posts/rewrite-hugo-themes-report-in-python){target=_blank}
|
||||||
|
|
||||||
|
## **Links**
|
||||||
|
|
||||||
|
* [Links](links.md){target=_blank}
|
||||||
|
@ -1,3 +1,7 @@
|
|||||||
|
---
|
||||||
|
title: "Links"
|
||||||
|
authors: ["trent"]
|
||||||
|
---
|
||||||
# Trent's Blog
|
# Trent's Blog
|
||||||
|
|
||||||
## **Links**
|
## **Links**
|
||||||
|
BIN
docs/photos/Screenshot31.png
Normal file
BIN
docs/photos/Screenshot31.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 71 KiB |
BIN
docs/photos/Screenshot39.png
Normal file
BIN
docs/photos/Screenshot39.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 24 KiB |
@ -196,17 +196,18 @@ UUID=72241377-cd65-43a6-8363-1afce5bd93f6 / xfs defaults 0 1
|
|||||||
But before the file systems can be mounted, `crypttab` needs to mount `/dev/sda3` at `/dev/mapper/cryptroot`.
|
But before the file systems can be mounted, `crypttab` needs to mount `/dev/sda3` at `/dev/mapper/cryptroot`.
|
||||||
Configure `/etc/crypttab` which is actually currently at `/target/etc/crypttab`
|
Configure `/etc/crypttab` which is actually currently at `/target/etc/crypttab`
|
||||||
|
|
||||||
1. find the UUID of the partition that will be mounted at `/dev/mapper/crypttab`
|
* find the UUID of the partition that will be mounted at `/dev/mapper/crypttab`
|
||||||
```console
|
```console
|
||||||
blkid /dev/sda3 -s UUID
|
blkid /dev/sda3 -s UUID
|
||||||
```
|
```
|
||||||
|
|
||||||
And when you find the correct UUID number for `/dev/sda3`,
|
And when you find the correct UUID number for `/dev/sda3`,
|
||||||
use that to configure `/etc/crypttab` which is actually currently at `/target/etc/crypttab`.
|
use that to configure `/etc/crypttab` which is actually currently at `/target/etc/crypttab`.
|
||||||
|
|
||||||
```conf
|
```conf
|
||||||
# /etc/crypttab
|
# /etc/crypttab
|
||||||
# run the command `blkid /dev/sda3 -s UUID` which outputs
|
# run the command `blkid /dev/sda3 -s UUID` which outputs
|
||||||
# /dev/sdb3: UUID="da3e0967-711f-4159-85ac-7d5743a75201", from which derive
|
# /dev/sda3: UUID="da3e0967-711f-4159-85ac-7d5743a75201", from which derive
|
||||||
# <target name> <source device> <key file> <options>
|
# <target name> <source device> <key file> <options>
|
||||||
cryptroot UUID=da3e0967-711f-4159-85ac-7d5743a75201 none luks
|
cryptroot UUID=da3e0967-711f-4159-85ac-7d5743a75201 none luks
|
||||||
```
|
```
|
||||||
|
261
docs/posts/lmde4-custom-partitions-disk-encryption.md
Normal file
261
docs/posts/lmde4-custom-partitions-disk-encryption.md
Normal file
@ -0,0 +1,261 @@
|
|||||||
|
---
|
||||||
|
title: "LMDE4 Custom Partitions Disk Encryption"
|
||||||
|
date: 2020-12-15
|
||||||
|
draft: false
|
||||||
|
tags: ["linux-mint","disk-encryption"]
|
||||||
|
authors: ["trent"]
|
||||||
|
---
|
||||||
|
date: 2020-12-15
|
||||||
|
## **Introduction**
|
||||||
|
Linux Mint Debian Edition is the alternate version of Linux Mint, but built on a Debian base. The result is quite pleasant: the
|
||||||
|
stability of desktop Debian, but with the rough edges polished smooth, nicely configured fonts and ui, and all the multi-media codecs included.
|
||||||
|
|
||||||
|
Previously, I wrote a [guide for installing LMDE3 with disk encryption](lmde3-xfs-full-disk-encryption.md){target=_blank}.
|
||||||
|
The installer for LMDE 4 is different
|
||||||
|
in that it includes support for disk encryption, but not if you need custom partitions such as for a **dual-boot
|
||||||
|
configuration**.
|
||||||
|
|
||||||
|
With this in mind, the examples presented below assume that you have Windows 10 installed in 4 partitions, and
|
||||||
|
thus you would want to make 3 partitions (5,6,7) after that, for LMDE4.
|
||||||
|
As with before, with separate partitions for `/boot` formatted ext4, `/boot/efi` formatted fat32,
|
||||||
|
and a regular luks-encrypted partition for `/` formatted xfs.
|
||||||
|
|
||||||
|
With a separate efi partition for LMDE4, you can then use the computer's device boot menu to
|
||||||
|
select which efi boot entry you want to boot. There is also an advantage in having Windows use the
|
||||||
|
first efi partition, in that if something happens to the Windows efi boot entry, you can fall back to the
|
||||||
|
default efi executable. Whereas, if the efi boot entry for Linux somehow gets wiped, you could [repair that
|
||||||
|
easily enough via chroot](https://help.ubuntu.com/community/Grub2/Installing#via_ChRoot){target=_blank}.
|
||||||
|
|
||||||
|
## **Prepare The Installation Media**
|
||||||
|
Visit the [Linux Mint Website](https://www.linuxmint.com/){target=_blank}
|
||||||
|
and [download](https://www.linuxmint.com/edition.php?id=279){target=_blank} the iso file for LMDE 4 64bit. Download from torrents if possible, to save bandwidth.
|
||||||
|
|
||||||
|
* verify the sha256 sum of the iso file
|
||||||
|
```console
|
||||||
|
sha256sum lmde-4-cinnamon-64bit.iso
|
||||||
|
```
|
||||||
|
|
||||||
|
Identify the thumb drive you are going to install from.
|
||||||
|
|
||||||
|
* type `lsblk`, note the output, and then insert the thumb drive
|
||||||
|
* then type `lsblk` again and note the *additional output*
|
||||||
|
|
||||||
|
```console
|
||||||
|
# lsblk /dev/sdb
|
||||||
|
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
|
||||||
|
sdb 8:32 1 14.5G 0 disk
|
||||||
|
├─sdb1 8:33 1 3.4G 0 part /media/trent/Debian 9.6.0 amd64
|
||||||
|
└─sdb2 8:34 1 416K 0 part
|
||||||
|
```
|
||||||
|
In the above example output we see that our thumb drive is identified as `/dev/sdb`, and partition `/dev/sdb1` is automatically mounted.
|
||||||
|
|
||||||
|
Take special care that you have accurately identified the thumb drive before proceeding. For the sake of example,
|
||||||
|
we will proceed on the assumption that our thumb drive is identified as `/dev/sdb`, but you need to compensate accordingly.
|
||||||
|
|
||||||
|
* unmount any partition of the thumb drive that are automatically mounted
|
||||||
|
```console
|
||||||
|
umount /dev/sdb1
|
||||||
|
```
|
||||||
|
|
||||||
|
* write the disk image to the thumb drive
|
||||||
|
```console
|
||||||
|
ddrescue -D --force lmde-4-cinnamon-64bit.iso /dev/sdb
|
||||||
|
```
|
||||||
|
|
||||||
|
## **Boot The Install Disc**
|
||||||
|
* boot into bios to disable fastboot and secureboot
|
||||||
|
* invoke your machine's device boot menu and boot the install disc in uefi mode
|
||||||
|
* confirm that you have booted in uefi mode by listing efivars
|
||||||
|
```console
|
||||||
|
ls /sys/firmware/efi/vars
|
||||||
|
```
|
||||||
|
|
||||||
|
## **Partition The Hard Drive**
|
||||||
|
If you recall we are assuming the target hard drive is `/dev/sda`, as an example. So, make adjustments as necessary.
|
||||||
|
|
||||||
|
If you would rather use a different partition tool, make sure the efi partition is an efi partition type, and you definitely need a separate `/boot` partition.
|
||||||
|
|
||||||
|
If indeed, you are installing a dual-boot and are installing alongside another operating system,
|
||||||
|
then **skip steps 1 and 2**, obviously.
|
||||||
|
|
||||||
|
1. if needed you can clear the drive with wipefs
|
||||||
|
```console
|
||||||
|
wipefs --all /dev/sda
|
||||||
|
```
|
||||||
|
1. create a new partition table for `/dev/sda`
|
||||||
|
```console
|
||||||
|
sgdisk /dev/sda -o
|
||||||
|
```
|
||||||
|
1. create a new efi partition for `/dev/sda`
|
||||||
|
```console
|
||||||
|
sgdisk /dev/sda --new=5::+512MiB --typecode=1:ef00
|
||||||
|
```
|
||||||
|
1. create a new `/boot` partition for `/dev/sda`
|
||||||
|
```console
|
||||||
|
sgdisk /dev/sda --new=6::+1G
|
||||||
|
```
|
||||||
|
1. create a new `/` partition for `/dev/sda`
|
||||||
|
```console
|
||||||
|
sgdisk /dev/sda --new=7
|
||||||
|
```
|
||||||
|
1. verify your partition work
|
||||||
|
```console
|
||||||
|
sgdisk /dev/sda -p
|
||||||
|
```
|
||||||
|
1. format the efi partition
|
||||||
|
```console
|
||||||
|
mkfs.vfat -F32 /dev/sda5
|
||||||
|
```
|
||||||
|
1. format the /boot partition
|
||||||
|
```console
|
||||||
|
mkfs.ext4 /dev/sda6
|
||||||
|
```
|
||||||
|
1. encrypt the `/` partition, you will be prompted for a password
|
||||||
|
```console
|
||||||
|
cryptsetup -y -v luksFormat --type luks2 /dev/sda7
|
||||||
|
```
|
||||||
|
1. decrypt the `/` partition, you will be prompted for a password
|
||||||
|
```console
|
||||||
|
cryptsetup open /dev/sda7 cryptroot
|
||||||
|
```
|
||||||
|
1. format the `/` device
|
||||||
|
```console
|
||||||
|
mkfs.xfs /dev/mapper/cryptroot
|
||||||
|
```
|
||||||
|
## **Mount The Hard Drive**
|
||||||
|
This takes advantage of *expert mode* in the LMDE installer.
|
||||||
|
|
||||||
|
1. create an `/target` directory
|
||||||
|
```console
|
||||||
|
mkdir /target
|
||||||
|
```
|
||||||
|
1. mount the `/` device at `/target`
|
||||||
|
```console
|
||||||
|
mount /dev/mapper/cryptroot /target
|
||||||
|
```
|
||||||
|
1. create an `/target/boot` directory
|
||||||
|
```console
|
||||||
|
mkdir /target/boot
|
||||||
|
```
|
||||||
|
1. mount the `/boot` partition at `/target/boot`
|
||||||
|
```console
|
||||||
|
mount /dev/sda6 /target/boot
|
||||||
|
```
|
||||||
|
1. create an `/target/boot/efi` directory
|
||||||
|
```console
|
||||||
|
mkdir /target/boot/efi
|
||||||
|
```
|
||||||
|
1. mount the efi partition at `/target/boot/efi`
|
||||||
|
```console
|
||||||
|
mount /dev/sda5 /target/boot/efi
|
||||||
|
```
|
||||||
|
|
||||||
|
## **Run The Installer App From Command Line**
|
||||||
|
At this point you're ready to run the live installer. But you need to run the
|
||||||
|
installer from the command line in order to **use expert-mode**:
|
||||||
|
```console
|
||||||
|
live-installer --expert-mode
|
||||||
|
```
|
||||||
|
|
||||||
|
The first three pages of the live-installer cover Language,Timezone, and Keymap.
|
||||||
|
The fourth page of the live-installer covers name, password, and hostname. After this
|
||||||
|
**select manual partitioning**.
|
||||||
|
|
||||||
|
On the seventh page of the live-installer, you come to a partition configuration page.
|
||||||
|
But there is nothing to do here. The partition-configuration doesn't even recognize
|
||||||
|
your encrypted partitions. But no matter, because you have already mounted the target
|
||||||
|
file system relative to `/target/`, so select *expert mode* at the bottom of the page.
|
||||||
|
|
||||||
|
<figure>
|
||||||
|
<img src=../../photos/Screenshot31.png width="100%" />
|
||||||
|
<figcaption>the installer doesn't even recognize the encrypted partitions ... ignore everything on this screen and click the `Expert mode` button</figcaption>
|
||||||
|
</figure>
|
||||||
|
|
||||||
|
Again select *forward*, and when you come to the page where you configure the location
|
||||||
|
to install grub, that should be the efi partition, i.e. `/dev/sda5`.
|
||||||
|
|
||||||
|
<figure>
|
||||||
|
<img src=../../photos/Screenshot39.png width="100%" />
|
||||||
|
<figcaption>select the efi partition as the location to install grub</figcaption>
|
||||||
|
</figure>
|
||||||
|
|
||||||
|
Then continue with the installation. The installation will run for a
|
||||||
|
few minutes and will then pause. There will be a popup informing you that the installation has paused.
|
||||||
|
During the pause you need to manually configure `fstab` and `crypttab`.
|
||||||
|
|
||||||
|
## **Configure Fstab**
|
||||||
|
|
||||||
|
1. find the UUID of the efi partition
|
||||||
|
```console
|
||||||
|
blkid /dev/sda5 -s UUID
|
||||||
|
```
|
||||||
|
1. find the UUID of the `/boot` partition
|
||||||
|
```console
|
||||||
|
blkid /dev/sda6 -s UUID
|
||||||
|
```
|
||||||
|
1. find the UUID of the `/` device
|
||||||
|
```console
|
||||||
|
blkid /dev/mapper/cryptroot -s UUID
|
||||||
|
```
|
||||||
|
|
||||||
|
And when you find the correct UUID numbers, use them to configure `/etc/fstab` which is actually currently at `/target/etc/fstab`.
|
||||||
|
```conf
|
||||||
|
# /etc/fstab
|
||||||
|
###############
|
||||||
|
# efi partition
|
||||||
|
# run the command `blkid /dev/sda1 -s UUID` which outputs
|
||||||
|
# /dev/sda5: UUID="17C4-215D", from which derive
|
||||||
|
UUID=17C4-215D /boot/efi vfat defaults 0 2
|
||||||
|
|
||||||
|
# /boot partition
|
||||||
|
# run the command `blkid /dev/sda2 -s UUID` which outputs
|
||||||
|
# /dev/sda6: UUID="f2509fff-4854-4721-b546-0274c89e6aec", from which derive
|
||||||
|
UUID=f2509fff-4854-4721-b546-0274c89e6aec /boot ext4 defaults 0 2
|
||||||
|
|
||||||
|
# "/" device
|
||||||
|
# run the command `blkid /dev/mapper/cryptroot -s UUID` which outputs
|
||||||
|
# /dev/mapper/cryptroot: UUID="72241377-cd65-43a6-8363-1afce5bd93f6", from which derive
|
||||||
|
UUID=72241377-cd65-43a6-8363-1afce5bd93f6 / xfs defaults 0 1
|
||||||
|
```
|
||||||
|
|
||||||
|
## **Configure Crypttab**
|
||||||
|
But before the file systems can be mounted, `crypttab` needs to mount `/dev/sda3` at `/dev/mapper/cryptroot`.
|
||||||
|
Configure `/etc/crypttab` which is actually currently at `/target/etc/crypttab`
|
||||||
|
|
||||||
|
Sorry, that's actually an over-simplification. But you need to configure `crypttab` now,
|
||||||
|
because when the installer continues running again, it installs the bootloader and builds the initramfs,
|
||||||
|
and `mkinitramfs` parses `crypttab`, and builds and configures the initramfs in such a way that it knows
|
||||||
|
to decrypt your `/` partition so it can then hand it off to the kernel at boot time (I think).
|
||||||
|
|
||||||
|
* find the UUID of the partition that will be mounted at `/dev/mapper/crypttab`
|
||||||
|
```console
|
||||||
|
blkid /dev/sda3 -s UUID
|
||||||
|
```
|
||||||
|
|
||||||
|
And when you find the correct UUID number for `/dev/sda3`,
|
||||||
|
use that to configure `/etc/crypttab` which is actually currently at `/target/etc/crypttab`.
|
||||||
|
```conf
|
||||||
|
# /etc/crypttab
|
||||||
|
# run the command `blkid /dev/sda7 -s UUID` which outputs
|
||||||
|
# /dev/sda7: UUID="da3e0967-711f-4159-85ac-7d5743a75201", from which derive
|
||||||
|
# <target name> <source device> <key file> <options>
|
||||||
|
cryptroot UUID=da3e0967-711f-4159-85ac-7d5743a75201 none luks
|
||||||
|
```
|
||||||
|
|
||||||
|
## **Resume Installer App**
|
||||||
|
At this point finish running the live installer, and you'll be done.
|
||||||
|
|
||||||
|
## **UEFI Fix**
|
||||||
|
Well, actually there isn't one. In this scenario having two efi partitions,
|
||||||
|
we rely on the motherboard correctly persisting efi boot entries.
|
||||||
|
|
||||||
|
So if you are unlucky enough to have one of the HP laptops that
|
||||||
|
*forgets* efi boot entries, I guess you are out of luck.
|
||||||
|
|
||||||
|
You might try using a single efi partition instead of two, and
|
||||||
|
maybe that will work. Presumably this would require using VeraCrypt
|
||||||
|
for Windows, instead of Bitlocker (because Bitlocker won't allow Grub
|
||||||
|
to load the Windows bootloader?)
|
||||||
|
|
||||||
|
## **Optional Swap File**
|
||||||
|
Visit the [Arch Wiki](https://wiki.archlinux.org/index.php/Swap#Swap_file){target=_blank} and they will hook you up.
|
@ -19,6 +19,7 @@ markdown_extensions:
|
|||||||
nav:
|
nav:
|
||||||
- Home:
|
- Home:
|
||||||
- Home: index.md
|
- Home: index.md
|
||||||
|
- posts/lmde4-custom-partitions-disk-encryption.md
|
||||||
- posts/linux-move-cursor-with-keyboard.md
|
- posts/linux-move-cursor-with-keyboard.md
|
||||||
- posts/simplified-raspberry-streaming.md
|
- posts/simplified-raspberry-streaming.md
|
||||||
- posts/clear-linux-encrypted-xfs-root.md
|
- posts/clear-linux-encrypted-xfs-root.md
|
||||||
|
@ -225,6 +225,18 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="/posts/lmde4-custom-partitions-disk-encryption/" class="md-nav__link">
|
||||||
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<li class="md-nav__item">
|
<li class="md-nav__item">
|
||||||
<a href="/posts/linux-move-cursor-with-keyboard/" class="md-nav__link">
|
<a href="/posts/linux-move-cursor-with-keyboard/" class="md-nav__link">
|
||||||
Linux Move Cursor With Keyboard
|
Linux Move Cursor With Keyboard
|
||||||
|
@ -260,6 +260,13 @@
|
|||||||
Posts By Date
|
Posts By Date
|
||||||
</a>
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#links" class="md-nav__link">
|
||||||
|
Links
|
||||||
|
</a>
|
||||||
|
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
</ul>
|
</ul>
|
||||||
@ -274,6 +281,18 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="posts/lmde4-custom-partitions-disk-encryption/" class="md-nav__link">
|
||||||
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<li class="md-nav__item">
|
<li class="md-nav__item">
|
||||||
<a href="posts/linux-move-cursor-with-keyboard/" class="md-nav__link">
|
<a href="posts/linux-move-cursor-with-keyboard/" class="md-nav__link">
|
||||||
Linux Move Cursor With Keyboard
|
Linux Move Cursor With Keyboard
|
||||||
@ -423,6 +442,13 @@
|
|||||||
Posts By Date
|
Posts By Date
|
||||||
</a>
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#links" class="md-nav__link">
|
||||||
|
Links
|
||||||
|
</a>
|
||||||
|
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
</ul>
|
</ul>
|
||||||
@ -441,6 +467,7 @@
|
|||||||
<h1 id="trents-blog">Trent's Blog</h1>
|
<h1 id="trents-blog">Trent's Blog</h1>
|
||||||
<h2 id="posts-by-date"><strong>Posts By Date</strong></h2>
|
<h2 id="posts-by-date"><strong>Posts By Date</strong></h2>
|
||||||
<ul>
|
<ul>
|
||||||
|
<li><a href="posts/linux-move-cursor-with-keyboard" target="_blank">2020-12-15: LMDE4 Custom Partitions Disk Encryption</a></li>
|
||||||
<li><a href="posts/linux-move-cursor-with-keyboard" target="_blank">2020-06-21: Linux Move Cursor With Keyboard</a></li>
|
<li><a href="posts/linux-move-cursor-with-keyboard" target="_blank">2020-06-21: Linux Move Cursor With Keyboard</a></li>
|
||||||
<li><a href="posts/simplified-raspberry-streaming" target="_blank">2019-05-12: Simplified Raspberry Streaming</a></li>
|
<li><a href="posts/simplified-raspberry-streaming" target="_blank">2019-05-12: Simplified Raspberry Streaming</a></li>
|
||||||
<li><a href="posts/clear-linux-encrypted-xfs-root" target="_blank">2019-04-13: Clear Linux Encrypted xfs Root</a></li>
|
<li><a href="posts/clear-linux-encrypted-xfs-root" target="_blank">2019-04-13: Clear Linux Encrypted xfs Root</a></li>
|
||||||
@ -449,6 +476,12 @@
|
|||||||
<li><a href="posts/lmde3-xfs-full-disk-encryption" target="_blank">2019-01-25: LMDE3 xfs Full Disk Encryption</a></li>
|
<li><a href="posts/lmde3-xfs-full-disk-encryption" target="_blank">2019-01-25: LMDE3 xfs Full Disk Encryption</a></li>
|
||||||
<li><a href="posts/rewrite-hugo-themes-report-in-python" target="_blank">2019-01-25: Rewrite Hugo Themes Report in Python</a></li>
|
<li><a href="posts/rewrite-hugo-themes-report-in-python" target="_blank">2019-01-25: Rewrite Hugo Themes Report in Python</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
|
<h2 id="links"><strong>Links</strong></h2>
|
||||||
|
<ul>
|
||||||
|
<li><a href="links/" target="_blank">Links</a></li>
|
||||||
|
</ul>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -468,13 +501,13 @@
|
|||||||
<nav class="md-footer-nav__inner md-grid" aria-label="Footer">
|
<nav class="md-footer-nav__inner md-grid" aria-label="Footer">
|
||||||
|
|
||||||
|
|
||||||
<a href="posts/linux-move-cursor-with-keyboard/" class="md-footer-nav__link md-footer-nav__link--next" rel="next">
|
<a href="posts/lmde4-custom-partitions-disk-encryption/" class="md-footer-nav__link md-footer-nav__link--next" rel="next">
|
||||||
<div class="md-footer-nav__title">
|
<div class="md-footer-nav__title">
|
||||||
<div class="md-ellipsis">
|
<div class="md-ellipsis">
|
||||||
<span class="md-footer-nav__direction">
|
<span class="md-footer-nav__direction">
|
||||||
Next
|
Next
|
||||||
</span>
|
</span>
|
||||||
Linux Move Cursor With Keyboard
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="md-footer-nav__button md-icon">
|
<div class="md-footer-nav__button md-icon">
|
||||||
|
@ -234,6 +234,18 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../posts/lmde4-custom-partitions-disk-encryption/" class="md-nav__link">
|
||||||
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<li class="md-nav__item">
|
<li class="md-nav__item">
|
||||||
<a href="../posts/linux-move-cursor-with-keyboard/" class="md-nav__link">
|
<a href="../posts/linux-move-cursor-with-keyboard/" class="md-nav__link">
|
||||||
Linux Move Cursor With Keyboard
|
Linux Move Cursor With Keyboard
|
||||||
@ -460,6 +472,8 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
</article>
|
</article>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
BIN
site/photos/Screenshot31.png
Normal file
BIN
site/photos/Screenshot31.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 71 KiB |
BIN
site/photos/Screenshot39.png
Normal file
BIN
site/photos/Screenshot39.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 24 KiB |
@ -236,6 +236,18 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../lmde4-custom-partitions-disk-encryption/" class="md-nav__link">
|
||||||
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<li class="md-nav__item">
|
<li class="md-nav__item">
|
||||||
<a href="../linux-move-cursor-with-keyboard/" class="md-nav__link">
|
<a href="../linux-move-cursor-with-keyboard/" class="md-nav__link">
|
||||||
Linux Move Cursor With Keyboard
|
Linux Move Cursor With Keyboard
|
||||||
|
@ -236,6 +236,18 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../lmde4-custom-partitions-disk-encryption/" class="md-nav__link">
|
||||||
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<li class="md-nav__item">
|
<li class="md-nav__item">
|
||||||
<a href="../linux-move-cursor-with-keyboard/" class="md-nav__link">
|
<a href="../linux-move-cursor-with-keyboard/" class="md-nav__link">
|
||||||
Linux Move Cursor With Keyboard
|
Linux Move Cursor With Keyboard
|
||||||
|
@ -236,6 +236,18 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../lmde4-custom-partitions-disk-encryption/" class="md-nav__link">
|
||||||
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<li class="md-nav__item">
|
<li class="md-nav__item">
|
||||||
<a href="../linux-move-cursor-with-keyboard/" class="md-nav__link">
|
<a href="../linux-move-cursor-with-keyboard/" class="md-nav__link">
|
||||||
Linux Move Cursor With Keyboard
|
Linux Move Cursor With Keyboard
|
||||||
|
@ -236,6 +236,18 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../lmde4-custom-partitions-disk-encryption/" class="md-nav__link">
|
||||||
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<li class="md-nav__item md-nav__item--active">
|
<li class="md-nav__item md-nav__item--active">
|
||||||
@ -511,7 +523,7 @@ For instance, I find the</p>
|
|||||||
<div class="md-footer-nav">
|
<div class="md-footer-nav">
|
||||||
<nav class="md-footer-nav__inner md-grid" aria-label="Footer">
|
<nav class="md-footer-nav__inner md-grid" aria-label="Footer">
|
||||||
|
|
||||||
<a href="../.." class="md-footer-nav__link md-footer-nav__link--prev" rel="prev">
|
<a href="../lmde4-custom-partitions-disk-encryption/" class="md-footer-nav__link md-footer-nav__link--prev" rel="prev">
|
||||||
<div class="md-footer-nav__button md-icon">
|
<div class="md-footer-nav__button md-icon">
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
|
||||||
</div>
|
</div>
|
||||||
@ -520,7 +532,7 @@ For instance, I find the</p>
|
|||||||
<span class="md-footer-nav__direction">
|
<span class="md-footer-nav__direction">
|
||||||
Previous
|
Previous
|
||||||
</span>
|
</span>
|
||||||
Home
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</a>
|
</a>
|
||||||
|
@ -236,6 +236,18 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../lmde4-custom-partitions-disk-encryption/" class="md-nav__link">
|
||||||
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<li class="md-nav__item">
|
<li class="md-nav__item">
|
||||||
<a href="../linux-move-cursor-with-keyboard/" class="md-nav__link">
|
<a href="../linux-move-cursor-with-keyboard/" class="md-nav__link">
|
||||||
Linux Move Cursor With Keyboard
|
Linux Move Cursor With Keyboard
|
||||||
@ -730,19 +742,19 @@ UUID=72241377-cd65-43a6-8363-1afce5bd93f6 / xfs defaults 0 1
|
|||||||
<h2 id="configure-crypttab"><strong>Configure Crypttab</strong></h2>
|
<h2 id="configure-crypttab"><strong>Configure Crypttab</strong></h2>
|
||||||
<p>But before the file systems can be mounted, <code>crypttab</code> needs to mount <code>/dev/sda3</code> at <code>/dev/mapper/cryptroot</code>.
|
<p>But before the file systems can be mounted, <code>crypttab</code> needs to mount <code>/dev/sda3</code> at <code>/dev/mapper/cryptroot</code>.
|
||||||
Configure <code>/etc/crypttab</code> which is actually currently at <code>/target/etc/crypttab</code></p>
|
Configure <code>/etc/crypttab</code> which is actually currently at <code>/target/etc/crypttab</code></p>
|
||||||
<ol>
|
<ul>
|
||||||
<li>find the UUID of the partition that will be mounted at <code>/dev/mapper/crypttab</code>
|
<li>find the UUID of the partition that will be mounted at <code>/dev/mapper/crypttab</code>
|
||||||
<div class="highlight"><pre><span></span><code><span class="go">blkid /dev/sda3 -s UUID</span>
|
<div class="highlight"><pre><span></span><code><span class="go">blkid /dev/sda3 -s UUID</span>
|
||||||
</code></pre></div></li>
|
</code></pre></div></li>
|
||||||
</ol>
|
</ul>
|
||||||
<p>And when you find the correct UUID number for <code>/dev/sda3</code>,
|
<p>And when you find the correct UUID number for <code>/dev/sda3</code>,
|
||||||
use that to configure <code>/etc/crypttab</code> which is actually currently at <code>/target/etc/crypttab</code>.
|
use that to configure <code>/etc/crypttab</code> which is actually currently at <code>/target/etc/crypttab</code>.</p>
|
||||||
<div class="highlight"><pre><span></span><code># /etc/crypttab
|
<div class="highlight"><pre><span></span><code># /etc/crypttab
|
||||||
# run the command `blkid /dev/sda3 -s UUID` which outputs
|
# run the command `blkid /dev/sda3 -s UUID` which outputs
|
||||||
# /dev/sdb3: UUID="da3e0967-711f-4159-85ac-7d5743a75201", from which derive
|
# /dev/sda3: UUID="da3e0967-711f-4159-85ac-7d5743a75201", from which derive
|
||||||
# <target name> <source device> <key file> <options>
|
# <target name> <source device> <key file> <options>
|
||||||
cryptroot UUID=da3e0967-711f-4159-85ac-7d5743a75201 none luks
|
cryptroot UUID=da3e0967-711f-4159-85ac-7d5743a75201 none luks
|
||||||
</code></pre></div></p>
|
</code></pre></div>
|
||||||
<h2 id="resume-installer-app"><strong>Resume Installer App</strong></h2>
|
<h2 id="resume-installer-app"><strong>Resume Installer App</strong></h2>
|
||||||
<p>At this point finish running the live installer, and you'll be done.</p>
|
<p>At this point finish running the live installer, and you'll be done.</p>
|
||||||
<h2 id="uefi-fix"><strong>UEFI Fix</strong></h2>
|
<h2 id="uefi-fix"><strong>UEFI Fix</strong></h2>
|
||||||
|
905
site/posts/lmde4-custom-partitions-disk-encryption/index.html
Normal file
905
site/posts/lmde4-custom-partitions-disk-encryption/index.html
Normal file
@ -0,0 +1,905 @@
|
|||||||
|
|
||||||
|
<!doctype html>
|
||||||
|
<html lang="en" class="no-js">
|
||||||
|
<head>
|
||||||
|
|
||||||
|
<meta charset="utf-8">
|
||||||
|
<meta name="viewport" content="width=device-width,initial-scale=1">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<link rel="shortcut icon" href="../../assets/images/favicon.png">
|
||||||
|
<meta name="generator" content="mkdocs-1.1.2, mkdocs-material-6.1.7">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<title>LMDE4 Custom Partitions Disk Encryption - Trent's Blog</title>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<link rel="stylesheet" href="../../assets/stylesheets/main.19753c6b.min.css">
|
||||||
|
|
||||||
|
|
||||||
|
<link rel="stylesheet" href="../../assets/stylesheets/palette.196e0c26.min.css">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<link href="https://fonts.gstatic.com" rel="preconnect" crossorigin>
|
||||||
|
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700%7CRoboto+Mono&display=fallback">
|
||||||
|
<style>body,input{font-family:"Roboto",-apple-system,BlinkMacSystemFont,Helvetica,Arial,sans-serif}code,kbd,pre{font-family:"Roboto Mono",SFMono-Regular,Consolas,Menlo,monospace}</style>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<link rel="stylesheet" href="../../extra.css">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
</head>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<body dir="ltr" data-md-color-scheme="default" data-md-color-primary="" data-md-color-accent="">
|
||||||
|
|
||||||
|
|
||||||
|
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
|
||||||
|
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
|
||||||
|
<label class="md-overlay" for="__drawer"></label>
|
||||||
|
<div data-md-component="skip">
|
||||||
|
|
||||||
|
|
||||||
|
<a href="#introduction" class="md-skip">
|
||||||
|
Skip to content
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
<div data-md-component="announce">
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<header class="md-header" data-md-component="header">
|
||||||
|
<nav class="md-header-nav md-grid" aria-label="Header">
|
||||||
|
<a href="../.." title="Trent's Blog" class="md-header-nav__button md-logo" aria-label="Trent's Blog">
|
||||||
|
|
||||||
|
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 003-3 3 3 0 00-3-3 3 3 0 00-3 3 3 3 0 003 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54z"/></svg>
|
||||||
|
|
||||||
|
</a>
|
||||||
|
<label class="md-header-nav__button md-icon" for="__drawer">
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2z"/></svg>
|
||||||
|
</label>
|
||||||
|
<div class="md-header-nav__title" data-md-component="header-title">
|
||||||
|
|
||||||
|
<div class="md-header-nav__ellipsis">
|
||||||
|
<span class="md-header-nav__topic md-ellipsis">
|
||||||
|
Trent's Blog
|
||||||
|
</span>
|
||||||
|
<span class="md-header-nav__topic md-ellipsis">
|
||||||
|
|
||||||
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
|
|
||||||
|
</span>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<label class="md-header-nav__button md-icon" for="__search">
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0116 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 019.5 16 6.5 6.5 0 013 9.5 6.5 6.5 0 019.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
|
||||||
|
</label>
|
||||||
|
|
||||||
|
<div class="md-search" data-md-component="search" role="dialog">
|
||||||
|
<label class="md-search__overlay" for="__search"></label>
|
||||||
|
<div class="md-search__inner" role="search">
|
||||||
|
<form class="md-search__form" name="search">
|
||||||
|
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" data-md-state="active" required>
|
||||||
|
<label class="md-search__icon md-icon" for="__search">
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0116 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 019.5 16 6.5 6.5 0 013 9.5 6.5 6.5 0 019.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
|
||||||
|
</label>
|
||||||
|
<button type="reset" class="md-search__icon md-icon" aria-label="Clear" data-md-component="search-reset" tabindex="-1">
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41L17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z"/></svg>
|
||||||
|
</button>
|
||||||
|
</form>
|
||||||
|
<div class="md-search__output">
|
||||||
|
<div class="md-search__scrollwrap" data-md-scrollfix>
|
||||||
|
<div class="md-search-result" data-md-component="search-result">
|
||||||
|
<div class="md-search-result__meta">
|
||||||
|
Initializing search
|
||||||
|
</div>
|
||||||
|
<ol class="md-search-result__list"></ol>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
|
||||||
|
</nav>
|
||||||
|
</header>
|
||||||
|
|
||||||
|
<div class="md-container" data-md-component="container">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<nav class="md-tabs md-tabs--active" aria-label="Tabs" data-md-component="tabs">
|
||||||
|
<div class="md-tabs__inner md-grid">
|
||||||
|
<ul class="md-tabs__list">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-tabs__item">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<a href="../.." class="md-tabs__link md-tabs__link--active">
|
||||||
|
Home
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-tabs__item">
|
||||||
|
|
||||||
|
|
||||||
|
<a href="../../links/" class="md-tabs__link">
|
||||||
|
Links
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
</nav>
|
||||||
|
|
||||||
|
|
||||||
|
<main class="md-main" data-md-component="main">
|
||||||
|
<div class="md-main__inner md-grid">
|
||||||
|
|
||||||
|
|
||||||
|
<div class="md-sidebar md-sidebar--primary" data-md-component="navigation">
|
||||||
|
<div class="md-sidebar__scrollwrap">
|
||||||
|
<div class="md-sidebar__inner">
|
||||||
|
|
||||||
|
|
||||||
|
<nav class="md-nav md-nav--primary" aria-label="Navigation" data-md-level="0">
|
||||||
|
<label class="md-nav__title" for="__drawer">
|
||||||
|
<a href="../.." title="Trent's Blog" class="md-nav__button md-logo" aria-label="Trent's Blog">
|
||||||
|
|
||||||
|
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 003-3 3 3 0 00-3-3 3 3 0 00-3 3 3 3 0 003 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54z"/></svg>
|
||||||
|
|
||||||
|
</a>
|
||||||
|
Trent's Blog
|
||||||
|
</label>
|
||||||
|
|
||||||
|
<ul class="md-nav__list" data-md-scrollfix>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
|
||||||
|
|
||||||
|
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-1" type="checkbox" id="nav-1" checked>
|
||||||
|
<label class="md-nav__link" for="nav-1">
|
||||||
|
Home
|
||||||
|
<span class="md-nav__icon md-icon"></span>
|
||||||
|
</label>
|
||||||
|
<nav class="md-nav" aria-label="Home" data-md-level="1">
|
||||||
|
<label class="md-nav__title" for="nav-1">
|
||||||
|
<span class="md-nav__icon md-icon"></span>
|
||||||
|
Home
|
||||||
|
</label>
|
||||||
|
<ul class="md-nav__list" data-md-scrollfix>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../.." class="md-nav__link">
|
||||||
|
Home
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item md-nav__item--active">
|
||||||
|
|
||||||
|
<input class="md-nav__toggle md-toggle" data-md-toggle="toc" type="checkbox" id="__toc">
|
||||||
|
|
||||||
|
|
||||||
|
<label class="md-nav__link md-nav__link--active" for="__toc">
|
||||||
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
|
<span class="md-nav__icon md-icon"></span>
|
||||||
|
</label>
|
||||||
|
|
||||||
|
<a href="./" class="md-nav__link md-nav__link--active">
|
||||||
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
|
</a>
|
||||||
|
|
||||||
|
|
||||||
|
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<label class="md-nav__title" for="__toc">
|
||||||
|
<span class="md-nav__icon md-icon"></span>
|
||||||
|
Table of contents
|
||||||
|
</label>
|
||||||
|
<ul class="md-nav__list" data-md-scrollfix>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#introduction" class="md-nav__link">
|
||||||
|
Introduction
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#prepare-the-installation-media" class="md-nav__link">
|
||||||
|
Prepare The Installation Media
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#boot-the-install-disc" class="md-nav__link">
|
||||||
|
Boot The Install Disc
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#partition-the-hard-drive" class="md-nav__link">
|
||||||
|
Partition The Hard Drive
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#mount-the-hard-drive" class="md-nav__link">
|
||||||
|
Mount The Hard Drive
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#run-the-installer-app-from-command-line" class="md-nav__link">
|
||||||
|
Run The Installer App From Command Line
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#configure-fstab" class="md-nav__link">
|
||||||
|
Configure Fstab
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#configure-crypttab" class="md-nav__link">
|
||||||
|
Configure Crypttab
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#resume-installer-app" class="md-nav__link">
|
||||||
|
Resume Installer App
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#uefi-fix" class="md-nav__link">
|
||||||
|
UEFI Fix
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#optional-swap-file" class="md-nav__link">
|
||||||
|
Optional Swap File
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
</ul>
|
||||||
|
|
||||||
|
</nav>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../linux-move-cursor-with-keyboard/" class="md-nav__link">
|
||||||
|
Linux Move Cursor With Keyboard
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../simplified-raspberry-streaming/" class="md-nav__link">
|
||||||
|
Simplified Raspberry Streaming
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../clear-linux-encrypted-xfs-root/" class="md-nav__link">
|
||||||
|
Clear Linux Encrypted xfs Root
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../clear-linux-guest-virt-manager/" class="md-nav__link">
|
||||||
|
Clear Linux Guest Virt Manager
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../faster-partitioning-with-sgdisk/" class="md-nav__link">
|
||||||
|
Faster Partitioning With sgdisk
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../lmde3-xfs-full-disk-encryption/" class="md-nav__link">
|
||||||
|
LMDE3 xfs Full Disk Encryption
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../rewrite-hugo-themes-report-in-python/" class="md-nav__link">
|
||||||
|
Rewrite Hugo Themes Report in Python
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
</ul>
|
||||||
|
</nav>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item md-nav__item--nested">
|
||||||
|
|
||||||
|
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-2" type="checkbox" id="nav-2" >
|
||||||
|
<label class="md-nav__link" for="nav-2">
|
||||||
|
Links
|
||||||
|
<span class="md-nav__icon md-icon"></span>
|
||||||
|
</label>
|
||||||
|
<nav class="md-nav" aria-label="Links" data-md-level="1">
|
||||||
|
<label class="md-nav__title" for="nav-2">
|
||||||
|
<span class="md-nav__icon md-icon"></span>
|
||||||
|
Links
|
||||||
|
</label>
|
||||||
|
<ul class="md-nav__list" data-md-scrollfix>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../../links/" class="md-nav__link">
|
||||||
|
Links
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
</ul>
|
||||||
|
</nav>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
</ul>
|
||||||
|
</nav>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
|
||||||
|
<div class="md-sidebar md-sidebar--secondary" data-md-component="toc">
|
||||||
|
<div class="md-sidebar__scrollwrap">
|
||||||
|
<div class="md-sidebar__inner">
|
||||||
|
|
||||||
|
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<label class="md-nav__title" for="__toc">
|
||||||
|
<span class="md-nav__icon md-icon"></span>
|
||||||
|
Table of contents
|
||||||
|
</label>
|
||||||
|
<ul class="md-nav__list" data-md-scrollfix>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#introduction" class="md-nav__link">
|
||||||
|
Introduction
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#prepare-the-installation-media" class="md-nav__link">
|
||||||
|
Prepare The Installation Media
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#boot-the-install-disc" class="md-nav__link">
|
||||||
|
Boot The Install Disc
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#partition-the-hard-drive" class="md-nav__link">
|
||||||
|
Partition The Hard Drive
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#mount-the-hard-drive" class="md-nav__link">
|
||||||
|
Mount The Hard Drive
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#run-the-installer-app-from-command-line" class="md-nav__link">
|
||||||
|
Run The Installer App From Command Line
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#configure-fstab" class="md-nav__link">
|
||||||
|
Configure Fstab
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#configure-crypttab" class="md-nav__link">
|
||||||
|
Configure Crypttab
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#resume-installer-app" class="md-nav__link">
|
||||||
|
Resume Installer App
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#uefi-fix" class="md-nav__link">
|
||||||
|
UEFI Fix
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="#optional-swap-file" class="md-nav__link">
|
||||||
|
Optional Swap File
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</li>
|
||||||
|
|
||||||
|
</ul>
|
||||||
|
|
||||||
|
</nav>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
|
||||||
|
<div class="md-content">
|
||||||
|
<article class="md-content__inner md-typeset">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<h1>LMDE4 Custom Partitions Disk Encryption</h1>
|
||||||
|
|
||||||
|
<p>date: 2020-12-15</p>
|
||||||
|
<h2 id="introduction"><strong>Introduction</strong></h2>
|
||||||
|
<p>Linux Mint Debian Edition is the alternate version of Linux Mint, but built on a Debian base. The result is quite pleasant: the
|
||||||
|
stability of desktop Debian, but with the rough edges polished smooth, nicely configured fonts and ui, and all the multi-media codecs included.</p>
|
||||||
|
<p>Previously, I wrote a <a href="../lmde3-xfs-full-disk-encryption/" target="_blank">guide for installing LMDE3 with disk encryption</a>.
|
||||||
|
The installer for LMDE 4 is different
|
||||||
|
in that it includes support for disk encryption, but not if you need custom partitions such as for a <strong>dual-boot
|
||||||
|
configuration</strong>.</p>
|
||||||
|
<p>With this in mind, the examples presented below assume that you have Windows 10 installed in 4 partitions, and
|
||||||
|
thus you would want to make 3 partitions (5,6,7) after that, for LMDE4.
|
||||||
|
As with before, with separate partitions for <code>/boot</code> formatted ext4, <code>/boot/efi</code> formatted fat32,
|
||||||
|
and a regular luks-encrypted partition for <code>/</code> formatted xfs.</p>
|
||||||
|
<p>With a separate efi partition for LMDE4, you can then use the computer's device boot menu to
|
||||||
|
select which efi boot entry you want to boot. There is also an advantage in having Windows use the
|
||||||
|
first efi partition, in that if something happens to the Windows efi boot entry, you can fall back to the
|
||||||
|
default efi executable. Whereas, if the efi boot entry for Linux somehow gets wiped, you could <a href="https://help.ubuntu.com/community/Grub2/Installing#via_ChRoot" target="_blank">repair that
|
||||||
|
easily enough via chroot</a>.</p>
|
||||||
|
<h2 id="prepare-the-installation-media"><strong>Prepare The Installation Media</strong></h2>
|
||||||
|
<p>Visit the <a href="https://www.linuxmint.com/" target="_blank">Linux Mint Website</a>
|
||||||
|
and <a href="https://www.linuxmint.com/edition.php?id=279" target="_blank">download</a> the iso file for LMDE 4 64bit. Download from torrents if possible, to save bandwidth.</p>
|
||||||
|
<ul>
|
||||||
|
<li>verify the sha256 sum of the iso file
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">sha256sum lmde-4-cinnamon-64bit.iso</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
</ul>
|
||||||
|
<p>Identify the thumb drive you are going to install from.</p>
|
||||||
|
<ul>
|
||||||
|
<li>type <code>lsblk</code>, note the output, and then insert the thumb drive</li>
|
||||||
|
<li>then type <code>lsblk</code> again and note the <em>additional output</em></li>
|
||||||
|
</ul>
|
||||||
|
<p><div class="highlight"><pre><span></span><code><span class="gp">#</span> lsblk /dev/sdb
|
||||||
|
<span class="go">NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT</span>
|
||||||
|
<span class="go">sdb 8:32 1 14.5G 0 disk</span>
|
||||||
|
<span class="go">├─sdb1 8:33 1 3.4G 0 part /media/trent/Debian 9.6.0 amd64</span>
|
||||||
|
<span class="go">└─sdb2 8:34 1 416K 0 part</span>
|
||||||
|
</code></pre></div>
|
||||||
|
In the above example output we see that our thumb drive is identified as <code>/dev/sdb</code>, and partition <code>/dev/sdb1</code> is automatically mounted.</p>
|
||||||
|
<p>Take special care that you have accurately identified the thumb drive before proceeding. For the sake of example,
|
||||||
|
we will proceed on the assumption that our thumb drive is identified as <code>/dev/sdb</code>, but you need to compensate accordingly.</p>
|
||||||
|
<ul>
|
||||||
|
<li>
|
||||||
|
<p>unmount any partition of the thumb drive that are automatically mounted
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">umount /dev/sdb1</span>
|
||||||
|
</code></pre></div></p>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<p>write the disk image to the thumb drive
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">ddrescue -D --force lmde-4-cinnamon-64bit.iso /dev/sdb</span>
|
||||||
|
</code></pre></div></p>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
<h2 id="boot-the-install-disc"><strong>Boot The Install Disc</strong></h2>
|
||||||
|
<ul>
|
||||||
|
<li>boot into bios to disable fastboot and secureboot</li>
|
||||||
|
<li>invoke your machine's device boot menu and boot the install disc in uefi mode</li>
|
||||||
|
<li>confirm that you have booted in uefi mode by listing efivars
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">ls /sys/firmware/efi/vars</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
</ul>
|
||||||
|
<h2 id="partition-the-hard-drive"><strong>Partition The Hard Drive</strong></h2>
|
||||||
|
<p>If you recall we are assuming the target hard drive is <code>/dev/sda</code>, as an example. So, make adjustments as necessary.</p>
|
||||||
|
<p>If you would rather use a different partition tool, make sure the efi partition is an efi partition type, and you definitely need a separate <code>/boot</code> partition.</p>
|
||||||
|
<p>If indeed, you are installing a dual-boot and are installing alongside another operating system,
|
||||||
|
then <strong>skip steps 1 and 2</strong>, obviously.</p>
|
||||||
|
<ol>
|
||||||
|
<li>if needed you can clear the drive with wipefs
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">wipefs --all /dev/sda</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>create a new partition table for <code>/dev/sda</code>
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">sgdisk /dev/sda -o</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>create a new efi partition for <code>/dev/sda</code>
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">sgdisk /dev/sda --new=5::+512MiB --typecode=1:ef00</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>create a new <code>/boot</code> partition for <code>/dev/sda</code>
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">sgdisk /dev/sda --new=6::+1G</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>create a new <code>/</code> partition for <code>/dev/sda</code>
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">sgdisk /dev/sda --new=7</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>verify your partition work
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">sgdisk /dev/sda -p</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>format the efi partition
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">mkfs.vfat -F32 /dev/sda5</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>format the /boot partition
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">mkfs.ext4 /dev/sda6</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>encrypt the <code>/</code> partition, you will be prompted for a password
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">cryptsetup -y -v luksFormat --type luks2 /dev/sda7</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>decrypt the <code>/</code> partition, you will be prompted for a password
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">cryptsetup open /dev/sda7 cryptroot</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>format the <code>/</code> device
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">mkfs.xfs /dev/mapper/cryptroot</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
</ol>
|
||||||
|
<h2 id="mount-the-hard-drive"><strong>Mount The Hard Drive</strong></h2>
|
||||||
|
<p>This takes advantage of <em>expert mode</em> in the LMDE installer.</p>
|
||||||
|
<ol>
|
||||||
|
<li>create an <code>/target</code> directory
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">mkdir /target</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>mount the <code>/</code> device at <code>/target</code>
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">mount /dev/mapper/cryptroot /target</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>create an <code>/target/boot</code> directory
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">mkdir /target/boot</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>mount the <code>/boot</code> partition at <code>/target/boot</code>
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">mount /dev/sda6 /target/boot</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>create an <code>/target/boot/efi</code> directory
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">mkdir /target/boot/efi</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>mount the efi partition at <code>/target/boot/efi</code>
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">mount /dev/sda5 /target/boot/efi</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
</ol>
|
||||||
|
<h2 id="run-the-installer-app-from-command-line"><strong>Run The Installer App From Command Line</strong></h2>
|
||||||
|
<p>At this point you're ready to run the live installer. But you need to run the
|
||||||
|
installer from the command line in order to <strong>use expert-mode</strong>:
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">live-installer --expert-mode</span>
|
||||||
|
</code></pre></div></p>
|
||||||
|
<p>The first three pages of the live-installer cover Language,Timezone, and Keymap.
|
||||||
|
The fourth page of the live-installer covers name, password, and hostname. After this
|
||||||
|
<strong>select manual partitioning</strong>.</p>
|
||||||
|
<p>On the seventh page of the live-installer, you come to a partition configuration page.
|
||||||
|
But there is nothing to do here. The partition-configuration doesn't even recognize
|
||||||
|
your encrypted partitions. But no matter, because you have already mounted the target
|
||||||
|
file system relative to <code>/target/</code>, so select <em>expert mode</em> at the bottom of the page.</p>
|
||||||
|
<figure>
|
||||||
|
<img src=../../photos/Screenshot31.png width="100%" />
|
||||||
|
<figcaption>the installer doesn't even recognize the encrypted partitions ... ignore everything on this screen and click the `Expert mode` button</figcaption>
|
||||||
|
</figure>
|
||||||
|
|
||||||
|
<p>Again select <em>forward</em>, and when you come to the page where you configure the location
|
||||||
|
to install grub, that should be the efi partition, i.e. <code>/dev/sda5</code>.</p>
|
||||||
|
<figure>
|
||||||
|
<img src=../../photos/Screenshot39.png width="100%" />
|
||||||
|
<figcaption>select the efi partition as the location to install grub</figcaption>
|
||||||
|
</figure>
|
||||||
|
|
||||||
|
<p>Then continue with the installation. The installation will run for a
|
||||||
|
few minutes and will then pause. There will be a popup informing you that the installation has paused.
|
||||||
|
During the pause you need to manually configure <code>fstab</code> and <code>crypttab</code>.</p>
|
||||||
|
<h2 id="configure-fstab"><strong>Configure Fstab</strong></h2>
|
||||||
|
<ol>
|
||||||
|
<li>find the UUID of the efi partition
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">blkid /dev/sda5 -s UUID</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>find the UUID of the <code>/boot</code> partition
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">blkid /dev/sda6 -s UUID</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
<li>find the UUID of the <code>/</code> device
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">blkid /dev/mapper/cryptroot -s UUID</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
</ol>
|
||||||
|
<p>And when you find the correct UUID numbers, use them to configure <code>/etc/fstab</code> which is actually currently at <code>/target/etc/fstab</code>.
|
||||||
|
<div class="highlight"><pre><span></span><code># /etc/fstab
|
||||||
|
###############
|
||||||
|
# efi partition
|
||||||
|
# run the command `blkid /dev/sda1 -s UUID` which outputs
|
||||||
|
# /dev/sda5: UUID="17C4-215D", from which derive
|
||||||
|
UUID=17C4-215D /boot/efi vfat defaults 0 2
|
||||||
|
|
||||||
|
# /boot partition
|
||||||
|
# run the command `blkid /dev/sda2 -s UUID` which outputs
|
||||||
|
# /dev/sda6: UUID="f2509fff-4854-4721-b546-0274c89e6aec", from which derive
|
||||||
|
UUID=f2509fff-4854-4721-b546-0274c89e6aec /boot ext4 defaults 0 2
|
||||||
|
|
||||||
|
# "/" device
|
||||||
|
# run the command `blkid /dev/mapper/cryptroot -s UUID` which outputs
|
||||||
|
# /dev/mapper/cryptroot: UUID="72241377-cd65-43a6-8363-1afce5bd93f6", from which derive
|
||||||
|
UUID=72241377-cd65-43a6-8363-1afce5bd93f6 / xfs defaults 0 1
|
||||||
|
</code></pre></div></p>
|
||||||
|
<h2 id="configure-crypttab"><strong>Configure Crypttab</strong></h2>
|
||||||
|
<p>But before the file systems can be mounted, <code>crypttab</code> needs to mount <code>/dev/sda3</code> at <code>/dev/mapper/cryptroot</code>.
|
||||||
|
Configure <code>/etc/crypttab</code> which is actually currently at <code>/target/etc/crypttab</code></p>
|
||||||
|
<p>Sorry, that's actually an over-simplification. But you need to configure <code>crypttab</code> now,
|
||||||
|
because when the installer continues running again, it installs the bootloader and builds the initramfs,
|
||||||
|
and <code>mkinitramfs</code> parses <code>crypttab</code>, and builds and configures the initramfs in such a way that it knows
|
||||||
|
to decrypt your <code>/</code> partition so it can then hand it off to the kernel at boot time (I think).</p>
|
||||||
|
<ul>
|
||||||
|
<li>find the UUID of the partition that will be mounted at <code>/dev/mapper/crypttab</code>
|
||||||
|
<div class="highlight"><pre><span></span><code><span class="go">blkid /dev/sda3 -s UUID</span>
|
||||||
|
</code></pre></div></li>
|
||||||
|
</ul>
|
||||||
|
<p>And when you find the correct UUID number for <code>/dev/sda3</code>,
|
||||||
|
use that to configure <code>/etc/crypttab</code> which is actually currently at <code>/target/etc/crypttab</code>.
|
||||||
|
<div class="highlight"><pre><span></span><code># /etc/crypttab
|
||||||
|
# run the command `blkid /dev/sda7 -s UUID` which outputs
|
||||||
|
# /dev/sda7: UUID="da3e0967-711f-4159-85ac-7d5743a75201", from which derive
|
||||||
|
# <target name> <source device> <key file> <options>
|
||||||
|
cryptroot UUID=da3e0967-711f-4159-85ac-7d5743a75201 none luks
|
||||||
|
</code></pre></div></p>
|
||||||
|
<h2 id="resume-installer-app"><strong>Resume Installer App</strong></h2>
|
||||||
|
<p>At this point finish running the live installer, and you'll be done.</p>
|
||||||
|
<h2 id="uefi-fix"><strong>UEFI Fix</strong></h2>
|
||||||
|
<p>Well, actually there isn't one. In this scenario having two efi partitions,
|
||||||
|
we rely on the motherboard correctly persisting efi boot entries.</p>
|
||||||
|
<p>So if you are unlucky enough to have one of the HP laptops that
|
||||||
|
<em>forgets</em> efi boot entries, I guess you are out of luck.</p>
|
||||||
|
<p>You might try using a single efi partition instead of two, and
|
||||||
|
maybe that will work. Presumably this would require using VeraCrypt
|
||||||
|
for Windows, instead of Bitlocker (because Bitlocker won't allow Grub
|
||||||
|
to load the Windows bootloader?)</p>
|
||||||
|
<h2 id="optional-swap-file"><strong>Optional Swap File</strong></h2>
|
||||||
|
<p>Visit the <a href="https://wiki.archlinux.org/index.php/Swap#Swap_file" target="_blank">Arch Wiki</a> and they will hook you up.</p>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
</article>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</main>
|
||||||
|
|
||||||
|
|
||||||
|
<footer class="md-footer">
|
||||||
|
|
||||||
|
<div class="md-footer-nav">
|
||||||
|
<nav class="md-footer-nav__inner md-grid" aria-label="Footer">
|
||||||
|
|
||||||
|
<a href="../.." class="md-footer-nav__link md-footer-nav__link--prev" rel="prev">
|
||||||
|
<div class="md-footer-nav__button md-icon">
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
|
||||||
|
</div>
|
||||||
|
<div class="md-footer-nav__title">
|
||||||
|
<div class="md-ellipsis">
|
||||||
|
<span class="md-footer-nav__direction">
|
||||||
|
Previous
|
||||||
|
</span>
|
||||||
|
Home
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</a>
|
||||||
|
|
||||||
|
|
||||||
|
<a href="../linux-move-cursor-with-keyboard/" class="md-footer-nav__link md-footer-nav__link--next" rel="next">
|
||||||
|
<div class="md-footer-nav__title">
|
||||||
|
<div class="md-ellipsis">
|
||||||
|
<span class="md-footer-nav__direction">
|
||||||
|
Next
|
||||||
|
</span>
|
||||||
|
Linux Move Cursor With Keyboard
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="md-footer-nav__button md-icon">
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11H4z"/></svg>
|
||||||
|
</div>
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</nav>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="md-footer-meta md-typeset">
|
||||||
|
<div class="md-footer-meta__inner md-grid">
|
||||||
|
<div class="md-footer-copyright">
|
||||||
|
|
||||||
|
Made with
|
||||||
|
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
|
||||||
|
Material for MkDocs
|
||||||
|
</a>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="md-footer-social">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<a href="https://twitter.com/boringtrent" target="_blank" rel="noopener" title="trent on twitter" class="md-footer-social__link">
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M459.37 151.716c.325 4.548.325 9.097.325 13.645 0 138.72-105.583 298.558-298.558 298.558-59.452 0-114.68-17.219-161.137-47.106 8.447.974 16.568 1.299 25.34 1.299 49.055 0 94.213-16.568 130.274-44.832-46.132-.975-84.792-31.188-98.112-72.772 6.498.974 12.995 1.624 19.818 1.624 9.421 0 18.843-1.3 27.614-3.573-48.081-9.747-84.143-51.98-84.143-102.985v-1.299c13.969 7.797 30.214 12.67 47.431 13.319-28.264-18.843-46.781-51.005-46.781-87.391 0-19.492 5.197-37.36 14.294-52.954 51.655 63.675 129.3 105.258 216.365 109.807-1.624-7.797-2.599-15.918-2.599-24.04 0-57.828 46.782-104.934 104.934-104.934 30.213 0 57.502 12.67 76.67 33.137 23.715-4.548 46.456-13.32 66.599-25.34-7.798 24.366-24.366 44.833-46.132 57.827 21.117-2.273 41.584-8.122 60.426-16.243-14.292 20.791-32.161 39.308-52.628 54.253z"/></svg>
|
||||||
|
</a>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<a href="https://www.facebook.com/trentspalmer" target="_blank" rel="noopener" title="trent on facebook" class="md-footer-social__link">
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M504 256C504 119 393 8 256 8S8 119 8 256c0 123.78 90.69 226.38 209.25 245V327.69h-63V256h63v-54.64c0-62.15 37-96.48 93.67-96.48 27.14 0 55.52 4.84 55.52 4.84v61h-31.28c-30.8 0-40.41 19.12-40.41 38.73V256h68.78l-11 71.69h-57.78V501C413.31 482.38 504 379.78 504 256z"/></svg>
|
||||||
|
</a>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<a href="https://github.com/TrentSPalmer" target="_blank" rel="noopener" title="trent on github" class="md-footer-social__link">
|
||||||
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><path d="M165.9 397.4c0 2-2.3 3.6-5.2 3.6-3.3.3-5.6-1.3-5.6-3.6 0-2 2.3-3.6 5.2-3.6 3-.3 5.6 1.3 5.6 3.6zm-31.1-4.5c-.7 2 1.3 4.3 4.3 4.9 2.6 1 5.6 0 6.2-2s-1.3-4.3-4.3-5.2c-2.6-.7-5.5.3-6.2 2.3zm44.2-1.7c-2.9.7-4.9 2.6-4.6 4.9.3 2 2.9 3.3 5.9 2.6 2.9-.7 4.9-2.6 4.6-4.6-.3-1.9-3-3.2-5.9-2.9zM244.8 8C106.1 8 0 113.3 0 252c0 110.9 69.8 205.8 169.5 239.2 12.8 2.3 17.3-5.6 17.3-12.1 0-6.2-.3-40.4-.3-61.4 0 0-70 15-84.7-29.8 0 0-11.4-29.1-27.8-36.6 0 0-22.9-15.7 1.6-15.4 0 0 24.9 2 38.6 25.8 21.9 38.6 58.6 27.5 72.9 20.9 2.3-16 8.8-27.1 16-33.7-55.9-6.2-112.3-14.3-112.3-110.5 0-27.5 7.6-41.3 23.6-58.9-2.6-6.5-11.1-33.3 2.6-67.9 20.9-6.5 69 27 69 27 20-5.6 41.5-8.5 62.8-8.5s42.8 2.9 62.8 8.5c0 0 48.1-33.6 69-27 13.7 34.7 5.2 61.4 2.6 67.9 16 17.7 25.8 31.5 25.8 58.9 0 96.5-58.9 104.2-114.8 110.5 9.2 7.9 17 22.9 17 46.4 0 33.7-.3 75.4-.3 83.6 0 6.5 4.6 14.4 17.3 12.1C428.2 457.8 496 362.9 496 252 496 113.3 383.5 8 244.8 8zM97.2 352.9c-1.3 1-1 3.3.7 5.2 1.6 1.6 3.9 2.3 5.2 1 1.3-1 1-3.3-.7-5.2-1.6-1.6-3.9-2.3-5.2-1zm-10.8-8.1c-.7 1.3.3 2.9 2.3 3.9 1.6 1 3.6.7 4.3-.7.7-1.3-.3-2.9-2.3-3.9-2-.6-3.6-.3-4.3.7zm32.4 35.6c-1.6 1.3-1 4.3 1.3 6.2 2.3 2.3 5.2 2.6 6.5 1 1.3-1.3.7-4.3-1.3-6.2-2.2-2.3-5.2-2.6-6.5-1zm-11.4-14.7c-1.6 1-1.6 3.6 0 5.9 1.6 2.3 4.3 3.3 5.6 2.3 1.6-1.3 1.6-3.9 0-6.2-1.4-2.3-4-3.3-5.6-2z"/></svg>
|
||||||
|
</a>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</footer>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<script src="../../assets/javascripts/vendor.0ac82a11.min.js"></script>
|
||||||
|
<script src="../../assets/javascripts/bundle.f81dfb4d.min.js"></script><script id="__lang" type="application/json">{"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing"}</script>
|
||||||
|
|
||||||
|
<script>
|
||||||
|
app = initialize({
|
||||||
|
base: "../..",
|
||||||
|
features: ['navigation.tabs'],
|
||||||
|
search: Object.assign({
|
||||||
|
worker: "../../assets/javascripts/worker/search.4ac00218.min.js"
|
||||||
|
}, typeof search !== "undefined" && search)
|
||||||
|
})
|
||||||
|
</script>
|
||||||
|
|
||||||
|
|
||||||
|
</body>
|
||||||
|
</html>
|
@ -236,6 +236,18 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../lmde4-custom-partitions-disk-encryption/" class="md-nav__link">
|
||||||
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<li class="md-nav__item">
|
<li class="md-nav__item">
|
||||||
<a href="../linux-move-cursor-with-keyboard/" class="md-nav__link">
|
<a href="../linux-move-cursor-with-keyboard/" class="md-nav__link">
|
||||||
Linux Move Cursor With Keyboard
|
Linux Move Cursor With Keyboard
|
||||||
|
@ -236,6 +236,18 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<li class="md-nav__item">
|
||||||
|
<a href="../lmde4-custom-partitions-disk-encryption/" class="md-nav__link">
|
||||||
|
LMDE4 Custom Partitions Disk Encryption
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<li class="md-nav__item">
|
<li class="md-nav__item">
|
||||||
<a href="../linux-move-cursor-with-keyboard/" class="md-nav__link">
|
<a href="../linux-move-cursor-with-keyboard/" class="md-nav__link">
|
||||||
Linux Move Cursor With Keyboard
|
Linux Move Cursor With Keyboard
|
||||||
|
File diff suppressed because one or more lines are too long
@ -1,39 +1,43 @@
|
|||||||
<?xml version="1.0" encoding="UTF-8"?>
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"><url>
|
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"><url>
|
||||||
<loc>None</loc>
|
<loc>None</loc>
|
||||||
<lastmod>2020-12-15</lastmod>
|
<lastmod>2020-12-16</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>None</loc>
|
<loc>None</loc>
|
||||||
<lastmod>2020-12-15</lastmod>
|
<lastmod>2020-12-16</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>None</loc>
|
<loc>None</loc>
|
||||||
<lastmod>2020-12-15</lastmod>
|
<lastmod>2020-12-16</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>None</loc>
|
<loc>None</loc>
|
||||||
<lastmod>2020-12-15</lastmod>
|
<lastmod>2020-12-16</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>None</loc>
|
<loc>None</loc>
|
||||||
<lastmod>2020-12-15</lastmod>
|
<lastmod>2020-12-16</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>None</loc>
|
<loc>None</loc>
|
||||||
<lastmod>2020-12-15</lastmod>
|
<lastmod>2020-12-16</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>None</loc>
|
<loc>None</loc>
|
||||||
<lastmod>2020-12-15</lastmod>
|
<lastmod>2020-12-16</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>None</loc>
|
<loc>None</loc>
|
||||||
<lastmod>2020-12-15</lastmod>
|
<lastmod>2020-12-16</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>None</loc>
|
<loc>None</loc>
|
||||||
<lastmod>2020-12-15</lastmod>
|
<lastmod>2020-12-16</lastmod>
|
||||||
|
<changefreq>daily</changefreq>
|
||||||
|
</url><url>
|
||||||
|
<loc>None</loc>
|
||||||
|
<lastmod>2020-12-16</lastmod>
|
||||||
<changefreq>daily</changefreq>
|
<changefreq>daily</changefreq>
|
||||||
</url>
|
</url>
|
||||||
</urlset>
|
</urlset>
|
Binary file not shown.
Loading…
Reference in New Issue
Block a user