gbbloanf
August 19th, 2015, 09:14 PM
I am trying to install Xubuntu 15.04 with LVM and LUKS, manually partitioning in order to have a separate /home partition.
So far I have booted the Xubuntu live CD and went through these steps:
Used gparted to create three partitions:
200 MB fat32 with boot flag as /dev/sda1 - EFI System Partition.
300 MB ext2 as /dev/sda2 - Will be used for /boot.
400 GB unformatted as /dev/sda3 - Will be the encrypted volume.
Created and opened the encrypted volume:
cryptsetup luksFormat --cipher aes-xts-plain64 --key-size 512 --hash sha512 /dev/sda3
cryptsetup luksOpen /dev/sda3 crypt
Set up the logical volumes on the encrypted volume:
pvcreate /dev/mapper/crypt
vgcreate vgcrypt /dev/mapper/crypt
lvcreate -n lvcryptroot -L 30G vgcrypt
lvcreate -n lvcryptswap -L 10G vgcrypt
lvcreate -n lvcrypthome -l 100%FREE vgcrypt
Set up the filesystem on the logical volumes:
mkfs.ext4 /dev/vgcrypt/lvcryptroot
mkfs.ext4 /dev/vgcrypt/lvcrypthome
mkswap /dev/vgcrypt/lvcryptswap
Ran the installer, selected the appropriate options and started the installation.
Set /dev/mapper/vgcrypt-lvcryptroot to mount point /
Set /dev/mapper/vgcrypt-lvcrypthome to mount point /home
Set /dev/sda2 to mount point /boot
Set /dev/sda as the device for boot loader installation.
When the installer finished, I chroot into the new system:
cd /mnt
mkdir root
mount /dev/mapper/vgcrypt-lvcryptroot root
mount /dev/sda2 root/boot
chroot root
mount -t proc proc /proc
mount -t sysfs sys /sys
Created /etc/crypttab and added an entry for /dev/sda3 to it:
vi /etc/crypttab
Inserted the line: crypt UUID=<uuid_here> none luks
update-initramfs -u
exit
reboot
Upon attempting to boot into the newly installed system, I am not asked for a password to decrypt the encrypted volume. I am thrown into the initramfs prompt without any errors. What did I miss?
So far I have booted the Xubuntu live CD and went through these steps:
Used gparted to create three partitions:
200 MB fat32 with boot flag as /dev/sda1 - EFI System Partition.
300 MB ext2 as /dev/sda2 - Will be used for /boot.
400 GB unformatted as /dev/sda3 - Will be the encrypted volume.
Created and opened the encrypted volume:
cryptsetup luksFormat --cipher aes-xts-plain64 --key-size 512 --hash sha512 /dev/sda3
cryptsetup luksOpen /dev/sda3 crypt
Set up the logical volumes on the encrypted volume:
pvcreate /dev/mapper/crypt
vgcreate vgcrypt /dev/mapper/crypt
lvcreate -n lvcryptroot -L 30G vgcrypt
lvcreate -n lvcryptswap -L 10G vgcrypt
lvcreate -n lvcrypthome -l 100%FREE vgcrypt
Set up the filesystem on the logical volumes:
mkfs.ext4 /dev/vgcrypt/lvcryptroot
mkfs.ext4 /dev/vgcrypt/lvcrypthome
mkswap /dev/vgcrypt/lvcryptswap
Ran the installer, selected the appropriate options and started the installation.
Set /dev/mapper/vgcrypt-lvcryptroot to mount point /
Set /dev/mapper/vgcrypt-lvcrypthome to mount point /home
Set /dev/sda2 to mount point /boot
Set /dev/sda as the device for boot loader installation.
When the installer finished, I chroot into the new system:
cd /mnt
mkdir root
mount /dev/mapper/vgcrypt-lvcryptroot root
mount /dev/sda2 root/boot
chroot root
mount -t proc proc /proc
mount -t sysfs sys /sys
Created /etc/crypttab and added an entry for /dev/sda3 to it:
vi /etc/crypttab
Inserted the line: crypt UUID=<uuid_here> none luks
update-initramfs -u
exit
reboot
Upon attempting to boot into the newly installed system, I am not asked for a password to decrypt the encrypted volume. I am thrown into the initramfs prompt without any errors. What did I miss?