Ubuntu – Install Backtrack 5 r2 into running LUKS setup installed with ubuntu

backtrackencryptionlukslvmUbuntu

One hard disk (sda), two partitions, with a working Ubuntu running.

1) /boot

2) LVM with this virtual volumes/partions/ or whatever they are called inside:

  1. Swap
  2. Ubuntu
  3. Home
  4. Prepared for Backtrack

Of course I would like to share home and swap. I have seen tutorials, but they look outdated and complicated and they are for setting up everything just with backtrack. It seems you have to do some things manually after backtrack install to get it running with LUKS. I like to know what it is exactly that backtrack don't do automatically and how to install backtrack in my prepared partition. I want to tell backtrack NOT to install a boot-loader (I think it's possible) and setup the grub from Ubuntu to be able to boot backtrack.

Best Answer

Warning, wall of text incoming. It's as well formatted as I could make it.

If we're going to answer this, we're going to answer the whole thing. I'm not doing another answer on this, so here goes:

Let's pretend you know absolutely nothing, and I'm feeding you keystrokes.
This tells you everything you need to know to do this WHOLE thing, with a little bit of this and this thrown in. Really, read.
You could have, by reading that, arrived at:
Boot Ubuntu 11.10 as live.

Open a terminal. The sizes I'm using are on a 40G virtual disk. We're doing this all as root 

sudo su
apt-get install lvm2
fdisk /dev/sda
  n
  p
  1
  [enter]
  +1000M
  t
  83
  n
  [enter]
  [enter]
  t
  2
  8e
  w

Which means, open dev/sda, new primary partition in position 1 of size no less than 1000MB with type ext3 or better, new primary partition in position 2 of type LVM, and write to disk.

Because I spelled it out, I'm going to assume you're running that setup EXACTLY.

We'll use /dev/sda1 for /boot and /dev/sda2 for EVERYTHING ELSE. You can change the sizes to suit your bare metal install, but this was for a VM to answer your question. 

pvcreate /dev/sda2
vgcreate iammaster /dev/sda2
lvcreate --name lvubuntu --size 10G iammaster
lvcreate --name lvhome --size 12G iammaster
lvcreate --name lvyouarestudent --size 13G iammaster
lvcreate --name lvswap --size 4G iammaster

That says create a physical volume on /dev/sda2, a volume group of name iammaster on /dev/sda2, and logical volumes lvubuntu, lvhome, lvyouarestudent, and lvswap on volume group iammaster. 

lvdisplay iammaster

Just to check. Then format... 

cryptsetup -c aes-cbc-essiv:sha256 -y -s 256 luksFormat /dev/mapper/iammaster-lvyouarestudent
YES
*passphrase twice*
cryptsetup -c aes-cbc-essiv:sha256 -y -s 256 luksFormat /dev/mapper/iammaster-lvhome
YES
*passphrase twice*
cryptsetup -c aes-cbc-essiv:sha256 -y -s 256 luksFormat /dev/mapper/iammaster-lvswap
YES
*passphrase twice*
cryptsetup -c aes-cbc-essiv:sha256 -y -s 256 luksFormat /dev/mapper/iammaster-lvubuntu
YES
*passphrase twice*

Okie-doke. Now you've got encrypted LVM. Mount your crypt partitions. 

cryptsetup luksOpen /dev/mapper/iammaster-lvswap swap  
*enter passphrase*
cryptsetup luksOpen /dev/mapper/iammaster-lvubuntu ubuntu  
*enter passphrase*
cryptsetup luksOpen /dev/mapper/iammaster-lvhome home
*enter passphrase*

And the formatting and enabling swap... 

mkswap /dev/mapper/swap
swapoff -a
swapon /dev/mapper/swap

mkfs.ext4 /dev/mapper/ubuntu
mkfs.ext4 /dev/mapper/home

Install per normal (custom) and don't reboot. Note that you have to do a non-standard install and double click to on the logical volumes to choose FS-Type and mount-point. Don't forget /dev/sda1 as boot. We then click install now. After a couple of continues, you're on your way. Click continue testing NOT restart now.
enter image description here
Get directories ready 

mkdir /mnt/ubuntu
mount /dev/mapper/ubuntu /mnt/ubuntu

Mount the special filesystems and boot 

mount --bind /dev /mnt/ubuntu/dev  
mount --bind /proc /mnt/ubuntu/proc  
mount --bind /sys /mnt/ubuntu/sys  
mount /dev/sda1 /mnt/ubuntu/boot

And chroot/install lvm/crypt 

chroot /mnt/ubuntu  
apt-get install cryptsetup lvm2 dmsetup

Next we need crypttab so we only unlock our disks once 

ubuntu /dev/mapper/iammaster-lvubuntu none luks
home /dev/mapper/iammaster-lvhome /etc/home.key luks
swap /dev/mapper/iammaster-lvswap /dev/urandom swap,cipher=aes-cbc-essiv:sha256

cat /etc/crypttab
cat /etc/fstab
*make sure everything matches*  
dd if=/dev/urandom of=/etc/home.key bs=256 count=1
cryptsetup luksAddKey /dev/mapper/iammaster-lvhome /etc/home.key
*enter passphrase*

Now for initramfs 

*edit /etc/initramfs-tools/modules*
aes-i586
dm-crypt
dm-mod
sha256

update-initramfs -k all -c
update-grub2
grub-install /dev/sda

init 6

Now on to repeating all this for backtrack...because if you do it manually right once, the next time should be the same 

startx
*open terminal*
vgchange -a y
cryptsetup -c aes-cbc-essiv:sha256 -y -s 256 luksFormat /dev/mapper/iammaster-lvswap
YES
*passphrase twice*
cryptsetup luksOpen /dev/mapper/iammaster-lvswap swap  
*enter passphrase*
mkswap /dev/mapper/swap
swapoff -a
swapon /dev/mapper/swap    
cryptsetup luksOpen /dev/mapper/iammaster-lvubuntu ubuntu  
*enter passphrase*
cryptsetup luksOpen /dev/mapper/iammaster-lvhome home
*enter passphrase*
cryptsetup luksOpen /dev/mapper/iammaster-lvyouarestudent bt
*enter passphrase*
mkfs.ext4 /dev/mapper/bt

Install specify manual, specify mountpoints(shared /boot too. if you're using one behind/stable Ubuntu and edge BT it shouldn't be a problem with clobbering...if you're still concerned, add another boot partition), don't format. At step 8, advanced
enter image description here
When it finishes continue testing again, just like last time:
enter image description here Get directories ready 

mkdir /mnt/bt
mount /dev/mapper/bt /mnt/bt
mkdir /mnt/tempmount  
mount /dev/mapper/ubuntu /mnt/tempmount
cp /mnt/tempmount/etc/home.key /mnt/bt/etc/home.key

Mount the special filesystems and boot 

mount --bind /dev /mnt/bt/dev  
mount --bind /proc /mnt/bt/proc  
mount --bind /sys /mnt/bt/sys  
mount /dev/sda1 /mnt/bt/boot

And chroot/install lvm/crypt 

chroot /mnt/bt  
apt-get install cryptsetup lvm2 dmsetup

Next we need crypttab so we only unlock our disks once 

bt /dev/mapper/iammaster-lvyouarestudent none luks
home /dev/mapper/iammaster-lvhome /etc/home.key luks
swap /dev/mapper/iammaster-lvswap /dev/urandom swap,cipher=aes-cbc-essiv:sha256

cat /etc/crypttab
cat /etc/fstab
*make sure everything matches*

Now for initramfs 

*edit /etc/initramfs-tools/modules*
aes-i586
dm-crypt
dm-mod
sha256

update-initramfs -k all -c    
init 6

Reboot to ubuntu live media 

sudo su
apt-get install lvm2
vgchange -a y
cryptsetup luksOpen /dev/mapper/iammaster-lvubuntu ubuntu
*passphrase*
mkdir /mnt/ubuntu
mount /dev/mapper/ubuntu /mnt/ubuntu
*insert the bind steps and mount boot steps from before again*
chroot /mnt/ubuntu
update-initramfs -k all -c
update-grub2
grub-install /dev/sda
init 6

Just change /dev/mapper/ubuntu to /dev/mapper/bt and pass the right kernel arguments and you're done.

I went to a lot of trouble to create this tutorial. I hope you appreciate it. 

*you may have to do this every time BT gets a kernel update*
Related Question