In order to understand Linux better, I'm trying to manually configure an encrypted root lvm partition .
I have already tried this with the Ubuntu server installer by choosing the lvm encrypted option and it worked.
My problem is simple, i have created a /boot partition (not encrypted) and an encrypted root partition but the installer can't find a root partition.
I think that I have to mount the / partition .
How can i do that?
Best Answer
Assuming you are using the live, desktop CD:
Mount your crypt
This assumes your crypt is called
crypt
, the physical partition is/dev/sda1
, and the root partition partition in /dev/mapper is calledroot
, adjust accordingly to your setup.Boot the live (Desktop) CD and install lvm2 and cryptsetup.
Load the cryptsetup module.
Decrypt your file system.
Get the live CD to recognize (activate) your LVM.
You can now access / mount the crypt
Installing into the encrypted partition
I have not done this manually from an Ubuntu live CD and honestly I am not sure it will work, sort of depends on how much you already know, and how much I forget. This is going to be a long post, so I may not cover each and every detail ;).
You can try running the graphical installer and try to use /dev/mapper/root as your root ( / ) partition. You will need to unmount it first.
If that fails , you can install the long way with chroot
Installing into a chroot is fairly easy, you need to make any other partitions you are using , including /boot (you already have), swap, and if you so desire /home
You then install a base system with debootstrap, use /media/crypt_root as the chroot.
Typing all the commands for a chroot is going to be too long for an already long post, but DebootstrapChroot will walk you through how to do this step - by - step
After installing the base with debootstrap, we will chroot in and install / configure the rest.
Note: After following the above link, you should have configured the chroot ,
/media/crypt_root
, including resolv.conf, and you should have proc, sys, and dev mounted in the chroot. All that is covered, but just making sure ;)RUN THESE COMMANDS IN THE CHROOT
Configure the chroot. You will need to edit
/etc/fstab
,/etc/crypttab
In
/etc/crypttab
define your cryptIn
/etc/fstab
make sure you define your partitions, swap, etcMAKE SURE YOUR FSTAB IS COMPLETE , including swap, proc, home (if you use a separate home, tmpfs, etc. Use the live desktop cd as a template if needed.
Exit the chroot
EXIT Chroot
You now need to install grub, run this command from the live CD
That is about it, I do not think I forgot anything major. I can not fill in all the details of all your partitions as I do not know your layout and do not know how much or how little you know about /etc/fstab.
If you need further assistance or I forgot something post back or perhaps someone will chime in.
If all the seems overwhelming , well that is why people use the alternate CD, it automates the process.
Additional references:
http://en.gentoo-wiki.com/wiki/DM-Crypt_with_LUKS
https://wiki.archlinux.org/index.php/System_Encryption_with_LUKS
Those links will have gentoo and arch specific information, which you can ignore as you are on Ubuntu. But they contain more detailed descriptions on how to set up LVM and your crypt, including examples of crypttab and fstab.
Hope that helps.