New Hardy install with full encryption?

**phryangle** · November 16th, 2009

Hi Everybody,

I've been reading non stop the last few days searching everywhere for answers and what I'm trying to do is to make a clean encrypted install of Hardy from the alternative cd. I want everything to be encrypted as much as possible, and I do realize there are sacrifices of convenience/performance in the name of paranoia/security. Anyway, from the links below I have created a list of steps that can be taken to encrypt a freshly installed ubuntu OS (to the best of my knowledge). Can anybody verify/add to the list and suggest improvements?

Context: I am a total n00b and I am doing this on a laptop.

1. Use DBAN and securely wipe the HDD. Here and Here.
2. Get the alternative install disc for Hardy and set up. Here.
3. Install TrueCrypt and set up for the full system once logged into Hardy. Here.
4. Set up BIOS passwords. Apparently not that strong, but better than nothing. Thoughts?

I know it seems overly simplified, but I need to boil it down so it makes sense in terms of action steps so I can do something. Thanks for any input.

**cariboo** · November 16th, 2009

If someone has physcal access to your computer, the only thing you can do is encrypt your data, which you have done. The only thing I can suggest is to use a good strong pass-phrase, one that is not easily guessed.

**FuturePilot** · November 16th, 2009

You shouldn't need TrueCrypt if you're setting up the system with the Encrypted LVM option in the alternate installer. Everything else seems OK though.