hmm okay,
Actually you have a point because, I might need to know what the grub
configuration needs to look like to do this anyways.
You could ask on the Libreboot mailing list. It seems to be a problem related
to Libreboot.
ah nope I didn't yet because the instructions said nothing about it. kind of
confused I was.
I would like to now add a grub password but I am not sure quite how to do
that on the final step. Because you need to put the hash in when you reboot.
i think.
I see.
The "encrypt home directory" option uses cryptfs to encrypt the file system,.
LVM creates a volume group, and then you create physical areas for
encryption, and then when you start the computer you unlock the volume group.
It makes it harder to resize partitions (you do it via the CLI)
Do you remember tosudo update-grub
I have it mostly figured out, the part that is hard, is keeping the grub
configured permanently to boot correctly without adding extra commands.
(which with the /boot encrypted seems to be happening a lot.)
load operating system seems to keep resetting whatever i change in it.
Do you still have need of our help then? Or did you get it to at least partly
work?
something kept timing out and I hate to say this, but I think i found out
what happened!
yes well, I keep trying to make it set so that when i boot it up after doing
the steps it will auto boot, but the load operating system config keeps
resetting to default. so.. idk
The parameters for libreboot's load operating system option.
for offline if need be these are in french
Calm Storm
You do have the
https://trisquel.info/en/wiki/full-disk-encryption-install
wiki page LVM Full disk encryption text-mode installation
as Jxself suggested.
Have the instructions on a mobile phone or tablet computer. Then just follow
them exactly.
That aside though, I am extremely close. ;) I would also though like to make
a grub password seperate from the other password.
I am at the last part, but it is a bit confusing,
I need to ask something, when editing the load operating system area for full
disk encryption like it says in libreboot, I wondered if someone could
simplify what my next move is?
"
I want to be able to "automatically boot without having to t
Oh and also, should I read up on what the diceware method is?
Okay, thanks. I will consider all that you have said. but to answer codyh,
yes if it gets lost or stolen I want it to be hell on earth for the thief to
get into my system.
In a very brief outline:
The most important thing to understand is what your threat model is. Do you
want it encrypted because you don't want someone to have access if it's
lost/stolen or are your adversaries nation state actors? An encrypted hard
drive is useful for preventing physical acc
But what if they are doing an encrypted installation? Is it necessarily
better to use the whole disk (considering whether the quality of encryption
will be better that way)?
dguth...@posteo.net, Mér 11 Mai 2016 13:56:06 CEST:
It's pretty easy. I wouldn't set up an swap partition on an SSD though.
Yes, heard so. Tried an SSD in the shop with Trisquel Live but
didn't work, had to buy an HD instead. That's why I have a swap
partition.
In the Debian installer (the one on Trisquel network installer and in Debian
installer disks), there is an option for setting it up automatically. This
does not encrypt the /boot partition and since you are on Libreboot there is
no reason not to encrypt boot partition. Basically, what it does
Relevant link to installing with encrypted /boot on Libreboot:
https://libreboot.org/docs/gnulinux/encrypted_trisquel.html
It's pretty easy. I wouldn't set up an swap partition on an SSD though.
I would be using libreboot. :)
But I have never manually set up paritions in any linux distro even ubuntu or
trisquel.
I was wondering how much to give to each parition and which format each
should be in...
https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system#Encrypted_boot_partition_.28GRUB.29
There isn't a particular distribution of partitions that is mandated. The
partition that /boot is located in is the only one that matters to the boot
loader. As jxself mentioned, non-Libreboot systems need to leave /boot
unencrypted, so /boot should be its own partition to minimize that. You
ja...@bluehome.net, Mar 10 Mai 2016 23:51:01 CEST:
It's easy: In the netinstall select "Use entire disk and set up
encrypted LVM" (or words to that effect.) And Ta Da, everything is
encrypted except for /boot.
Yes my dear, it's easy, but it's not what was asked.
Actual full disk
It's easy: In the netinstall select "Use entire disk and set up encrypted
LVM" (or words to that effect.) And Ta Da, everything is encrypted except for
/boot. That can't be unless you have libreboot because proprietary BIOSes do
not normally include supported for reading encrypted boot partit
also which parts are most needed to be encrypted? and which parts are not
important..
how would I go about paritioning everything,
var, root, lib, dev, etc, usr and beyond...
I have 209 gb on my x200. I have libreboot and I wondered,
What is the best way to set it all up?
and what pitfalls to watch out for if i were to use boot in the encrypting
process.
28 matches
Mail list logo
