I am going to install Linux and do a full disk encryption, I did some research and want to confirm that following information is correct:
- We first have the raw hdd
- Then we create partition table on it
- Then we create a /boot partition leaving the rest free space
- Then we use the free space as physical volume for encryption (encryption method = dm-crypt)
- Then we create logical volume group out of this encrypted volume (so that we only have one pass phrase )
- Then create logical volume out of this logical volume group (root, swap, home )
- And configure these logical volumes (root, swap, home)
- Finally write changes to disk
Am I correct? Is this a possible procedure?
Best Answer
Take a look at Dual Ubuntu Installations with Whole Disk Encryption. It describes how to add a secondary installation into the LUKS container created by an initial Ubuntu installation, but you'll find the necessary details in there for your scenario.
(I would have added this as a comment but don't have enough of reputation yet).