In this guide I'm going to show you how to install Ubuntu 11.10 with full disc encryption with XTS. I'm using the desktop installer, the alternate installer does not support this mode. I've done this setup on earlier versions of Ubuntu, but it isn't quite the same with 11.10
I have two partitions on the HDD, sda1(/boot) and sda2(LUKS/LVM).
After booting the installer from USB and configuring the network, I install lvm2.
Next I create the LUKS volume with cryptsetup.
sudo apt-get install lvm2
Now open the LUKS and setup the LVM.
sudo cryptsetup luksFormat -c aes-xts-plain -s 512 -h sha512 /dev/sda2
sudo cryptsetup luksOpen /dev/sda2 pvcrypt
sudo vgcreate vg /dev/mapper/pvcrypt
sudo lvcreate -n root -L 1G vg
sudo lvcreate -n tmp -L 1G vg
sudo lvcreate -n opt -L 1G vg
sudo lvcreate -n var -L 2500M vg
sudo lvcreate -n swap -L 4G vg
sudo lvcreate -n usr -L 9G vg
sudo lvcreate -n home -l 100%FREE vg
For some reason, the installer does not let me format the volumes, so I do it manually. Example:
sudo mkswap /dev/mapper/vg-swap
Begin the installation process now. Don't connect to the internet, it seems there's another bug that will cause the installer to hang if you try install the updates during installation. When you get to installation type, select 'something else'/manual and configure the LVs with the appropriate mount points.
sudo mkfs.ext4 /dev/mapper/vg-root
DO NOT RESTART YET!! After the installation has finished, DO NOT RESTART! We are not done. We need to mount the installation and configure some stuff.
Chroot in and install lvm2. Re-connect your network here.
sudo mkdir ubuntu
sudo mount /dev/mapper/vg-root ubuntu
sudo mount /dev/mapper/vg-home ubuntu/home
Add the encrypted volume's UUID to /etc/crypttab
sudo chroot ubuntu
mount -t proc proc /proc
mount -t sysfs sys /sys
mount -t devpts devpts /dev/pts
apt-get install lvm2 cryptsetup
Make sure the initrd is up to date.
echo "pvcrypt UUID=`blkid -s UUID -o value /dev/sda2` none luks" | tee -a /etc/crypttab
And it's done! Go ahead and reboot.