1 (edited by zapper 2018-07-08 02:29:16)

Topic: encrypted install without /boot

Can someone tell me how to do this, for my netbook, (it isn't libreboot)

I have done tihs with /boot, but I wouldn't know how to do this in a netbook without libreboot.

if it helps, I only really want to encrypt /home and /root and maybe /var on my netbook.

HyperbolaBSD: The Future of Secure Libre Lightweight Operating Systems!

2

Re: encrypted install without /boot

zapper wrote:

Can someone tell me how to do this, for my netbook, (it isn't libreboot)

I have done tihs with /boot, but I wouldn't know how to do this in a netbook without libreboot.

if it helps, I only really want to encrypt /home and /root and maybe /var on my netbook.

You need encrypt your disk with dm-crypt, then put LVM on it to install Hyperbola.

Then, you need set up GRUB_CMDLINE_LINUX line and uncomment GRUB_PRELOAD_MODULES and GRUB_ENABLE_CRYPTODISK in /etc/default/grub:

/etc/default/grub
---
GRUB_CMDLINE_LINUX="cryptdevice=UUID=$your_uuid:$your_label root=UUID=$your_uuid"

# Uncomment to use LUKS and LVM2
GRUB_PRELOAD_MODULES=lvm
GRUB_ENABLE_CRYPTODISK=y

And set up HOOKS line adding encrypt and lvm2 in /etc/mkinitcpio.conf:

/etc/mkinitcpio.conf
---
HOOKS="... encrypt lvm2"

3

Re: encrypted install without /boot

Emulatorman wrote:
zapper wrote:

Can someone tell me how to do this, for my netbook, (it isn't libreboot)

I have done tihs with /boot, but I wouldn't know how to do this in a netbook without libreboot.

if it helps, I only really want to encrypt /home and /root and maybe /var on my netbook.

You need encrypt your disk with dm-crypt, then put LVM on it to install Hyperbola.

Then, you need set up GRUB_CMDLINE_LINUX line and uncomment GRUB_PRELOAD_MODULES and GRUB_ENABLE_CRYPTODISK in /etc/default/grub:

/etc/default/grub
---
GRUB_CMDLINE_LINUX="cryptdevice=UUID=$your_uuid:$your_label root=UUID=$your_uuid"

# Uncomment to use LUKS and LVM2
GRUB_PRELOAD_MODULES=lvm
GRUB_ENABLE_CRYPTODISK=y

And set up HOOKS line adding encrypt and lvm2 in /etc/mkinitcpio.conf:

/etc/mkinitcpio.conf
---
HOOKS="... encrypt lvm2"

Okay,  would it be possible to make a beginners style wiki for this? Because when do I, do this #1, (before installation or after?) or #2 which guide do I modify to make this work?

The way you explained it here is a bit confusing for me that's all. lots of stuff left out aka.

HyperbolaBSD: The Future of Secure Libre Lightweight Operating Systems!

4

Re: encrypted install without /boot

Emulatorman wrote:
zapper wrote:

Can someone tell me how to do this, for my netbook, (it isn't libreboot)

I have done tihs with /boot, but I wouldn't know how to do this in a netbook without libreboot.

if it helps, I only really want to encrypt /home and /root and maybe /var on my netbook.

You need encrypt your disk with dm-crypt, then put LVM on it to install Hyperbola.

Then, you need set up GRUB_CMDLINE_LINUX line and uncomment GRUB_PRELOAD_MODULES and GRUB_ENABLE_CRYPTODISK in /etc/default/grub:

/etc/default/grub
---
GRUB_CMDLINE_LINUX="cryptdevice=UUID=$your_uuid:$your_label root=UUID=$your_uuid"

# Uncomment to use LUKS and LVM2
GRUB_PRELOAD_MODULES=lvm
GRUB_ENABLE_CRYPTODISK=y

And set up HOOKS line adding encrypt and lvm2 in /etc/mkinitcpio.conf:

/etc/mkinitcpio.conf
---
HOOKS="... encrypt lvm2"

Actually, better question, would this be the equivelant of full disk encryption on my netbook? - boot or with boot?

What parts of the libreboot guide apply, and which ones don't?

HyperbolaBSD: The Future of Secure Libre Lightweight Operating Systems!