Wiki HyperbolaGNU also tells us that LUKS version2 is not supported. There may be changes, I have not tested...

cryptsetup --cipher aes-xts-plain64 --hash sha512 --iter-time 5000 --key-size 512 --pbkdf argon2id
                                --use-urandom --verify-passphrase luksFormat --type luks2 /dev/sda

https://wiki.hyperbola.info/doku.php?id … stallation

throgh wrote:

We will speak about the guides you have written in IRC later on as we need to rework the guides in the wiki for sure - pointed out by also community-members in IRC in the last days. So thanks for all the time you have invested.

Would you mind perhaps trying this also without "/boot"? And especially on a Libreboot-machine, as you mention to have one?

Yes, exactly. I would like to rework both guides as noted from users in IRC that they are not working flawless or in special the guide with "encryption without /boot" is failing direct. As I have not written those nevertheless see myself in the position to support here I would do this for sure and bring loose endings now together.

throgh wrote:

throgh wrote:

We will speak about the guides you have written in IRC later on as we need to rework the guides in the wiki for sure - pointed out by also community-members in IRC in the last days. So thanks for all the time you have invested.

Would you mind perhaps trying this also without "/boot"? And especially on a Libreboot-machine, as you mention to have one?

Yes, exactly. I would like to rework both guides as noted from users in IRC that they are not working flawless or in special the guide with "encryption without /boot" is failing direct. As I have not written those nevertheless see myself in the position to support here I would do this for sure and bring loose endings now together.

Okay, I'll try and write here or create a separate topic.

Do you want me to install HyperbolaGNU without a desktop environment?

lsblk
NAME                    MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
sda                       8:0    0 465.8G  0 disk 
├─sda1                    8:1    0     1M  0 part 
├─sda2                    8:2    0   513M  0 part  /boot/efi
├─sda3                    8:3    0   1.7G  0 part  /boot
└─sda4                    8:4    0 463.6G  0 part 
  └─sda4_crypt          253:0    0 463.6G  0 crypt
    ├─vgtrisquel-root   253:1    0  23.3G  0 lvm   /
    ├─vgtrisquel-swap_1 253:2    0   5.6G  0 lvm   [SWAP]
    └─vgtrisquel-home   253:3    0 434.7G  0 lvm   /home

Hello Other_Cody . I also use Trisquel for other tasks, I still don't like that Trisquel uses SystemD and does not use the Libre-linux kernel by default, but that's their business)) A good alternative is https://www.gnuinos.org/

I can tell you my opinion. Don’t make sudden movements)) You will probably not have 70 or 80% of the programs that you have in Trisquel.

There are no ready-made ISOs with a graphical environment, etc.

I can assure you that those file-formats are fully free without any problems. You can also modify blender and blitz3d using only free dependencies or use older releases without any issues. So the files included in minetest are not any problem!

I have an forum account now.

I like Trisquel and really like that it can be installed off-line.
I like Trisquel's graphical installer. It is very easy to use.
If there are any problems with any Trisquel update, I know I can still use a live flash drive or DVD to install than update at a later time, seeing I do not need an internet connection.
Though I think I only had problems if I installed too many programs at one time.
I have been using Trisquel since Trisquel 8.

I used Debian before, but may have found a non-floss city building game in Debian main.

It was not even following Debian's policy. I think it was under an "Artistic license" which may still have been a non-floss license, but may have had a screenshot of it's main screen showing it was not following Debian's policy back in 9.6.0 of Debian, I think.

And this was before Debian switched to even more problematic licensed software.

I had an "ouch" Windows 8 before I very enjoyable deleted the "Windows virus like/virus" system, with Debian at that time, though did not use Windows online, thought I deleted the BIOS also but found out I may not have when installing Trisquel.

I did not like how I could not have the freedom to change even the "charms" bar's name, so I did not even like to use that "Loss-of-freedom-dows" off-line.

https://savannah.gnu.org/projects/gnuboot/

May have information about how to change the BIOS, though till I find out how to do that, hopefully quickly, I can update some at a time with a "freedom ladder"

https://www.fsf.org/blogs/community/the … dom-ladder

I think I also found Gnu/Linux with an "still ouch" "Apple iPod touch" that I do not even use now. Glad it let me at that time at least look at floss things.

NAME                    MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
sda                       8:0    0 465.8G  0 disk
├─sda1                    8:1    0     1M  0 part
├─sda2                    8:2    0   513M  0 part  /boot/efi
├─sda3                    8:3    0   1.7G  0 part  /boot
└─sda4                    8:4    0 463.6G  0 part
  └─sda4_crypt          253:0    0 463.6G  0 crypt
    ├─vgtrisquel-root   253:1    0  23.3G  0 lvm   /
    ├─vgtrisquel-swap_1 253:2    0   5.6G  0 lvm   [SWAP]
    └─vgtrisquel-home   253:3    0 434.7G  0 lvm   /home

Hi all . I would like to share my experience of installing Hyperbola on T440P Libreboot 2023 https://mirror.cyberbits.eu/libreboot/s … 0625/roms/ with Full disk encryption (including /boot) /libreboot/stable/20230625/roms/

I know that this image contains blobs and I do not understand and do not share the philosophy of Libreboot)) Why introduce blobs to increase the amount of hardware .. the meaning of the project is lost ..

This example uses luksFormat --type luks1 /dev/sdb1 . Don't use Luks1 it is not safe, use Luks2+argon2id today!
Since version 2.4.0 (released August 18, 2021), cryptsetup uses Argon2id by default. You can read why in detail in this article.
https://mjg59.dreamwidth.org/66429.html

My example is just a test installation, I wanted to understand whether it would work or not.

It seems to me that a more promising test is installing Full disk encryption (including /boot) on this T400 laptop with a 4-core processor

https://thonkpeasant.xyz/guides/other/quad.html

Booting ISO from USB

root@hyperiso # cd /usr/share/kbd/consolefonts

root@hyperiso # setfonts sun12X22.psfu.gz

Now the font size is normal, you can move on))

# lsblk

# dd if=/dev/urandom   of=/dev/sdb bs=1M status=progress 

# cfdisk /dev/sdb

  ( select dos > new > enter > primary > write > yes > quit )

now we have sdb1

Connect internet

# ip -c a

# rc-service dhcpcd start

# ip link set enp0s35 up

# dhcpcd enp0s35

Cryptsetup

# pacman -Syy cryptsetup 

# rc-update add lvm boot

# rc-update add dmcrypt boot 

# modprobe dm-mod

Create the Luks partititon

# cryptsetup -v --cipher serpent-xts-plain64 --key-size 512 --hash whirlpool --iter-time 500 --use-random --verify-passphrase luksFormat --type luks1 /dev/sdb1

Existing 'crypto_LUKS' superblock signature (offset:0 bytes) on device...
Existing 'crypto_LUKS' superblock signature (offset:16... bytes) on device...
Key slot 0 created
Command successuful

Create the volume group and logical volumes

# cryptsetup open /dev/sdb1  lvm

# pvcreate /dev/mapper/lvm

# pvs

  (check)

# vgcreate matrix /dev/mapper/lvm

# vgs

(check)

# lvcreate -l +100%FREE  matrix -n rootvol

# lvs

(check)

# mkfs.ext4 /dev/mapper/matrix-rootvol

# mount  /dev/matrix/rootvol  /mnt

Create the  /boot  and   /home directories

# mkdir -p /mnt/home

# mkdir -p /mnt/boot

Install the base system

# pacstrap  /mnt    

Generate an Fstab

# genfstab -U -p /mnt >> /mnt/etc/fstab

# cat /mnt/etc/fstab

  (check)

Chroot

# arch-chroot  /mnt

Setting up clock...

Setting up time zone..

Setting up the consolefont ...

Setting up Kernel Modules

# nano /etc/mkinitcpio.conf 

MODULES=i915

HOOKS="base udev autodetect modconf block keyboard keymap consolefont encrypt lvm2 filesystems fsck shutdown" 

Update Kernel

# mkinitcpio -p linux-libre-lts

==>ERROR Hook 'encrypt'...
==>WARNING missing isci..

OK,

# pacman -S cryptsetup 
# pacman -S core/isci-lts-firmware

# mkinitcpio -p linux-libre-lts 

Setting up hostname

# echo " hyperbola" > /etc/hostname 

# nano /etc/hosts

127.0.0.1   localhost.localdomain     localhost   hyperbola
::1         localhost.localdomain     localhost   hyperbola

Set the root password

#  passwd

****************************
****************************

Installing Grub

#  pacman -S grub

# nano /etc/default/grub

GRUB_CMDLINE_LINUX="cryptdevice=/dev/sdb1:lvm"

GRUB_ENABLE_CRYPTODISK=y

# grub-install /dev/sdb

Generate grub.cfg

# grub-mkconfig -o /boot/grub/grub.cfg

Unmount all partition and reboot

# exit

# umount -R /mnt

# lvchange -an /dev/matrix/rootvol

# cryptsetup close lvm

# openrc-shutdown -p now

Everything works, there is an inconvenience, if you have two SSDs, you need to enter your SSD number manually each time (for example, you press 3), after that the system boots and you need to enter the password twice, in the wiki https://wiki.parabola. nu/Installing_Parabola_on_Libreboot_with_full_disk_encryption_(including_/boot) there is an explanation of how to change this.