-Boot Form DVD normal and access shell
-identify the hard disk , using cat /proc/partitions or fdisk -l
- my disk is /dev/sda with 1.6TB spaced
- i will create 1GB partition for boot and rest for /
-partition creation, use fdisk /dev/sda
- create first partition with 1GB (sda1 primary)
- create second partition with rest of free space (sda2 primary)
- all types are linux
-Disk Encryption
cryptsetup -s 256 -y luksFormat /dev/sda2
Type YES
, in all caps and give it a password. Do not forget this password!
-Now disk is Encrypted, we can now create a swap and root partition
cryptsetup luksOpen /dev/sda2 sda2crypt
-Input the password that we previously set. This will make our encrypted disk available on
/dev/mapper/sda2crypt
-create 2 volumes , 16GB volume for swap and rest for /
pvcreate /dev/mapper/sda2crypt
vgcreate EncDisk /dev/mapper/sda2crypt
lvcreate -L 16G -n swap EncDisk
lvcreate -l 100%FREE -n root EncDisk
pvcreate
will initialize a volume to be used by lvmvgcreate
is used to make volume groupslvcreate
is used to make a logical volume.-L
is used with a particular size and-l
(lowercase L) is used to extent a percent of the volume.
let lvm know about volumes
vgscan --mknodes
vgchange -ay
mkswap /dev/EncDisk/swap
Start Installation : setup
installation notes:
- Start From Add Swap
- use ext4 filesystem
- install on /dec/EncDisk/root
- add 1GB boot partition to setup, Format with
ext4
and set its mount point as/boot
-After A Full Install You Will be bring into boot loader page
- choose expert mode
- choose begin
- leave blank on lilo append
- choose standard
- choose MBR
- confirm /dev/sda
- choose lilo timeout as you wish
- choose to show a boot screen logo
We’ll be then brought back to the initial LILO installation screen
- Choose
Linux - Add a linux partition to the LILO config
- choose /dev/EncDisk/root
- Set Name To “Linux”
- Choose install
- continue with network configuration
- complete setup
- choose EXIT
- choose shell
Then:
chroot /mnt
/usr/share/mkinitrd/mkinitrd_command_generator.sh
This will return us a command that we can run to generate the GENERIC kernel specific to our machine. For me it was something like:
mkinitrd -c -k 5.15.19 -f ext4 -r /dev/EncDisk/root -m mptbase:mptscsih:mptspi:jbd2:mbcache:crc32c_intel:crc32c_generic:ext4 -C /dev/sda2 -L -u -o /boot/initrd.gz
Optional add : for swap partition hiberation
-h /dev/EncDisk/swap
to end of command, type and execute it
-Edit lilo’s config to make it use this new generic kernel
vi /etc/lilo.conf
Edit the corresponding parts to look like this:
image = /boot/vmlinuz-generic-5.15.19
initrd = /boot/initrd.gz
root = /dev/EncDisk/root
label = Linux
read-only # Partitions should be mounted read-only for checking
Above that, there’s an “append” line. Edit it to look something like this:
append = " resume=/dev/EncDisk/swap"
update lilo:
lilo
exit
reboot
on boot it will ask for decryption password
FINISHED
By: Mehdi Sadighian
Contact: mehdi.sadighian@hotmail.com
TAG: slackware, full disk encryption, encryption