Guide for encrypted install [message #57] |
Mon, 21 October 2019 08:54 |
locutus
Messages: 16 Registered: January 2018 Location: US
|
Junior Member |
|
|
I'm looking to make a guide for installing encrypted Freenix, but also for libreboot devices aka X200.T400
Here is what I have made for far all works however, if the guide can be better please add. I would like to submit to libreboot and see if they will add as in Freenix guide.
Current guide is only working on no-libreboot devices i.e. x200
Erase disk
- [ ] cryptsetup open --type plain -d /dev/urandom /dev/sda erase_disk
Now fill the container with zeros.
- [ ] dd if=/dev/zero of=/dev/mapper/erase_disk bs=1M
close the container
- [ ] cryptsetup close erase_disk
##################
cfdisk
2 partitions
150M + boot (sda1)
full disk (sda2)
now encrypt
- [ ] cryptsetup -s 256 -y luksFormat /dev/sdx2
cap YES
enter password
cryptsetup luksOpen /dev/sda2 vault0
enter PW
First step for LVM setup is to create our physical volume.
- [ ] pvcreate /dev/mapper/vault0
create volume group name it matrix
- [ ] vgcreate matrix /dev/mapper/vault0
create swap
lvcreate -L 8G -n swap matrix
create root
lvcreate -L 15G -n root matrix
create home
lvcreate -l 100%FREE -n home matrix
vgscan --mknodes
vgchange -ay
active swap before setup
mkswap /dev/matrix/swap
Installation = run setup
addswap
add root w/ext4 (/dev/matrix/root)
add boot w/ext2 mount point /boot (/dev/sda1)
add home w/xfs mount point /home (/dev/matrix/home)
after installing OS exit do not reboot
###
chroot /mnt
- [ ] grub-install /dev/sda (non-libre devices)
- [ ] mkdir /boot/grub
- [ ] grub-mkconfig -o /boot/grub/grub.cfg (non-libreboot)
- [ ] grub-mkconfig -o /boot/grub/libreboot_grub.cfg
edit the /boot/grub/libreboot_grub.cfg or /grub.cfg (non-libreboot) file and then just after the first echo 'Loading Linux 4.4.14 ...' change
linux /vmlinuz-huge-4.4.14 root=/dev/mapper/cryptvg-root ro
change to
linux /vmlinuz-generic-4.4.14 root=/dev/mapper/matrix-root ro
- [ ]
exit
reboot
[Updated on: Tue, 22 October 2019 21:23] Report message to a moderator
|
|
|
Re: Guide for encrypted install [message #58 is a reply to message #57] |
Mon, 18 November 2019 22:42 |
connie
Messages: 28 Registered: January 2017
|
Junior Member Freenix Ninja |
|
|
Thanks! We are looking forward to expanding our on-site documentation to augment our next release, which can't be that far off, and this kind of stuff may come in very handy.
|
|
|