Question: when using this form of /boot encryption, rebooting is agonizingly slow - easily an order of magnitude slower than "normal" encryption (ie. encrypting just /, but not /boot). I understand that this is because grub doesn't have any hardware optimization at all, and so it takes forever to do the encryption with grub. I also dual boot with Windows (encrypted via VeraCrypt) & Linux. Booting into Linux takes ten times longer than Windows. Is there no way to improve this, or is it just a choice between "unencrypted /boot," or "rebooting takes forever?"
Always make regular backups of your data (and test them).
Visit Full Circle Magazine for beginners and seasoned Linux enthusiasts.
I didn't get this problem during my tests, so I can't comment on what's happening with you. Unless there is a clash between VeraCrypt and Grub? I've never used VeraCrypt for an operating system, so I don't know how it works.
As you are using VeraCrypt, have you considered using it as the encryption method for Linux? It's something that's worth testing, and if I get some time, I'll test it myself.
Always make regular backups of your data (and test them).
Visit Full Circle Magazine for beginners and seasoned Linux enthusiasts.
Nope, definitely not a clash - this is just the amount of time taken for grub to decrypt, which I've since read about all over the web. Apparently grub's encryption implementation is extremely un-optimized & slow. Bummer.
I did some research about using VeraCrypt vs LUKS on Linux, & the conclusion I came to was that LUKS is the better approach, since it's kernel/native, widely supported, and much faster. Reference: https://superuser.com/questions/1019...with-veracrypt
Question: on boot, I keep seeing the message:
ln /tmp/mountroot-fail-hooks.d//scripts/init-remount/lvm2: no such file or directory
Volume group "system" not found
Cannot process volume group system
Is that related to this script? Everything seems to be working otherwise.
Im having the same problem, like metal450. But freeing up the /boot/ partition by removing old kernels did not help. What should i do?
@Paddy$ sudo refreshgrub
refreshgrub: Grub update required
Grub update will be done automatically.
Do not restart or shut down until you receive another message telling you that this has been done, even if the Software Updater asks you restart.
Depending on your system, it could take several minutes.
refreshgrub: Grub update will be done automatically.\n\nDo not restart or shut down until you receive another message telling you that this has been done, even if the Software Updater asks you restart.\n\nDepending on your system, it could take several minutes.
x86_64-efi wird für Ihre Plattform installiert.
Could not delete variable: Invalid argument
grub-install: error: efibootmgr failed to register the boot entry: Block device required.
Failed to reinstall Grub.
refreshgrub: Grub update failed
Grub update failed.
Please do not restart or shut down until you have manually run the following command, even if the Software Updater asks you restart.
sudo refreshgrub
refreshgrub: Grub update failed.\n\nPlease do not restart or shut down until you have manually run the following command, even if the Software Updater asks you restart.\n\nsudo refreshgrub
How should one uninstall/remove your script "Manual Full System Encryption"? Are there uninstall instructions?
How should one transition from your method "Manual Full System Encryption" script to TJ's method?
Thanks in advance
I'm on my phone so I will have to format properly another time.
Not sure if it will help you or not but when I was still using this setup and ran into issues booting running this fix-grub.sh script from a live USB saved me a few times: https://gist.github.com/lovromazgon/...a8b97e8442720b
Further, I considered Tj's setup but then I found this: Ubuntu 20.04 with btrfs-luks full disk encryption including /boot and auto-apt snapshots with Timeshift
https://mutschler.eu/linux/install-guides/ubuntu-btrfs/
This setup is way forward. Ignore the swap partition and just set up the swap file so you can resume from hibernate or suspend-then-hiberbate. I have not managed to set up true hybrid suspend, or suspend-and-hibernate yet.
Warning: I tried this first on Ubuntu Mate 20.04.1 but restoring timeshift snapshots broke things. It works perfectly with Ubuntu 20.04.1
As far as I know the guide is based on HOWTO - GPT/UEFI install with full disk encryption: BTRFSonLUKS with separate root, home and pkg subvolumes; hibernation with a swapfile; auto-snapshots with easy system rollback (GUI); boot into snapshots
https://forum.endeavouros.com/t/howt...snapshots/3782
I can't understand why I don't get notifications for posts on this thread.
Sorry for not having replied sooner — I only now got a notification for posts on this thread since I last posted.
This is quite an old post. Did you resolve your problem?
It's not something that you can uninstall. It's how you installed your Ubuntu system, not an add-on after installation.
The best way is to ensure that your backups are fully up-to-date, and then reinstall from scratch. It's a pain, I know, but converting would probably drive you crazy and take a week. While you're about it, I would instead go for the method that @dusf pointed to.
That's excellent, as it's updated to version 20.04. Thank you. I have put both of your links into the current instructions.
Last edited by Paddy Landau; September 21st, 2020 at 10:30 AM. Reason: New information
Always make regular backups of your data (and test them).
Visit Full Circle Magazine for beginners and seasoned Linux enthusiasts.
Bookmarks