Results 1 to 7 of 7

Thread: Encryption and Manual partitioning

Hybrid View

  1. #1
    Join Date
    Dec 2012
    Beans
    3

    Encryption and Manual partitioning

    Hey all, i was hoping someone could shed some light on a problem i'm having while installing 12.10

    Maybe i'm just not seeing the option somewhere, but it seems like if i choose to encrypt the whole disk during installation, i am unable to also manually partition my hdd...

    If i choose the 'something else' option, i can manually partition the drive as i want to, but then the installation continues and doesn't seem to give me the whole disk encryption option, i only get the 'encrypt home directory' option later on.

    So my question is, how do i choose the whole disk encryption option, while also being able to manually partition my drive?

    Thanks

  2. #2
    Join Date
    Jun 2009
    Location
    Chicago Suburbs
    Beans
    Hidden!
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Encryption and Manual partitioning

    Welcome to the forums.

    I have not used encryption, but I thought whole disk encryption was only available with the alternative installer. You have to use LVM which is not part of the desktop installer. And 12.10 has done away with the alternative installer as they hope to have everything in the Desktop gui version, but do not yet.

    This is to a USB flash drive but shows the install process.
    Ubuntu Encrypted Flash Memory Installation using alternative text based installer, if you do not want encryption you just use standard Desktop installer.
    Standard full install with screenshots to flash or SSD:
    Ubuntu Encrypted Flash Memory Installation using alternative text based installer
    http://members.iinet.net/~herman546/p19.html

    Correction, it is supposed to work?
    https://wiki.ubuntu.com/QuantalQuetz.../UbuntuDesktop
    Users who were installing using the alternate CD to install with LVM or full-disk encryption can now use the desktop image for this
    Last edited by oldfred; December 28th, 2012 at 07:08 PM.
    For more info on UEFI boot install & repair - Updated Oct 2015:
    http://ubuntuforums.org/showthread.php?t=2147295
    Please use Thread Tools above first post to change to [Solved] when/if answered completely.







  3. #3
    Join Date
    Jul 2005
    Location
    Hughenden, Australia
    Beans
    5,089
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Encryption and Manual partitioning

    I'm not sure whether it works or not. When I had a look the option appeared to be there in 12.10 but clicking on it didn't seem to do anything. I didn't spend very much time with it though, as I was installing for somebody who wanted a plain, standard install in a single partition. Maybe I should try again sometime and see if I can find out if there's any trick to it or if I was just unlucky that time.

    If you find you cannot install 12.10 in the way you want, you should be able to install 12.04 instead and then upgrade to 12.10 afterwards whenever you are ready.

    I do know that we can use the 12.04 Alternate CD for encrypted lvm installations and the option to 'use entire disk and set up encrypted lvm' is quite straightforward. That will install Ubuntu with a separate /boot (not encrypted) with an encrypted / in a single partition.

    I also know that if you want to install with separate /home and maybe even further divide your installation up into a lot of separate partitions for some reason, it is/was possible to do that using the Alternate installation CD.
    Before you start you must get rid of any swap areas in the disk and in other disks that may be plugged in to the computer, (unplug them).
    You start off installing normally and choose 'manual' partitioning instead of 'use entire disk'.
    Then you create your /boot partition.
    With the remaining free space, set 'physical volume for encryption' as the file system, and proceed to set up the encrypted volume with a passphrase.
    You then modify the encrypted volume with the logical volume manager to creat a volume group, (call it 'root' or whatever you want). You can select one or more devices for the volume group.
    Now you can create all your new LVs, as many as you like, you can have separate /usr , /usr/local, /opt, /tmp, /var, /swap , /home , and whatever others you like and of course / (root).
    Set up a file system in each of your new LVs and save the changes.

    There was a website about how to install Ubuntu as described above but the last time I found it was back when Lucid Lynx came out. The site is no longer available. It's not easy to explain it all in a few words, and even with the help of now non-existing web site the procedure was not simple even for a person with a lot of experience using the Alternate CD.

    I am looking forward reading about someone who can confirm the 12.10 (or later) Desktop CD will work for setting up an encrypted LVM and especially from someone who has used it to create an installation across several logical volumes, and/or across multiple disks. I may try again myself when time allows.

  4. #4
    Join Date
    Dec 2012
    Beans
    3

    Re: Encryption and Manual partitioning

    Thanks for the replies

    I may try installing 12.04 and then upgrading, my only concern is that at this point it seems like the full disk encryption option doesn't support multiple partitions or something like that? So i would guess that the upgrade from 12.04 wouldn't offer the full disk encryption option.

    As well as the encryption option, i can also choose the LVM option, is it possible that due to whatever limitations that the full disk encryption has, i'm only able to use LVM for partition management once the install is complete?

    I did do an install with the LVM option ticked, and inside the install i ended up with 3 partitions as follows :

    /dev/sda1 boot Linux
    /dev/sda2 Extended
    /dev/sda5 Linux


    It then tells me after the information about each partition, the following 3 errors :

    Disk /dev/mapper/sda5_crypt doesn't contain a valid partition table
    Disk /dev/mapper/ubuntu-root doesn't contain a valid partition table
    Disk /dev/mapper/ubuntu-swap_1 doesn't contain a valid partition table


    I'm not sure what those mean exactly, but i also get this during boot up :

    The disk drive for /dev/mapper/ubuntu-swap is not ready yet or not present

    So again, i'm not sure if its setup correctly or what, but either way it isn't making the partitions how i want them which is a separate partition for root, home and swap area.

    Is it possible that the full disk encryption option is limited in a way that doesn't allow for partitions to be setup in any other way than what it does by default, and is shown above in my fdisk results?

    And are those errors simply a result of how it is forced to set up the partitions under full disk encryption?

  5. #5
    Join Date
    Dec 2012
    Beans
    3

    Re: Encryption and Manual partitioning

    I found this link which seems to confirm that if you want full disk encryption, you have to let it do its default partitioning scheme which is as i listed above :

    http://www.linuxbsdos.com/2012/09/04...cal-installer/

    It also shows that if you want to install 12.10 along side another OS install, it won't let you choose to encrypt the whole disk, which makes me believe that if you want to upgrade from 12.04 you are probably also unable to encrypt the whole disk, it seems like a limitation with the option that requires it to repartition in its default scheme from scratch

    Oh well, i will just be installing it and letting it do the partitions automatically, i'll keep reading up on why exactly it can't encrypt the partitions you make yourself, i'm not too knowledgeable on how whole disk encryption works and what the limitations are really

  6. #6
    Join Date
    Jul 2005
    Location
    Hughenden, Australia
    Beans
    5,089
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Encryption and Manual partitioning

    Well I don't know about the new Ubiquity yet for 12.10 thanks for the link, it looks like it is worth another try, the author of that web page must have definitely it working.

    I'm typing to you right now from a USB stick which has Ubuntu Lucid Lynx installed in it in LUKS encrypted LVM. It has a separate /tmp, /swap, /var, /home, /root, and /usr. This was installed using the Ubuntu 'Alternate' CD.


    Last edited by Herman; December 29th, 2012 at 08:32 PM. Reason: add screencap

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •