Encrypted File Sustem for Ubuntu 8.04
Introduction
Ubuntu also fully supports an encrypted file system. This is another manual for a clean installation of a new operating system. It uses an encrypted LVM volume group and a separate boot partition that is unencrypted.
The assumptions we are the same as with the other manuals, standard new OS installation, tested with a virtual machine with an 8 GB hard drive broken up as a 100 MB boot partition, 2 GB swap, 3 GB home partition mounted on /home, and a 3 GB root partition mounted at /. An alternate installation cd is used, not the standard live cd. The alternate installation cd has a text installation mode and is provided at http://www.ubuntu.com/getubuntu/download and downloaded by checking a box labelled "Check here if you need the alternate desktop CD. This CD does not include the Live CD, instead it uses a text-based installer." under the big green "Start Download button.
Directions
1. Start your machine with the alternate installation cd. Follow the prompts to set up your language and keyboard layout. Once you get to the partitioning set up there will be an option "Guided - use an entire disk and set up an encrypted LVM. For the purposes of keeping the manuals redundant and break down the partitions to our liking we will not select that option, and use Manual setup. Select Manual and press enter.
2. Select the hard drive and click yes to creating a new empty partitioning table.
3. Create a new drive, set the size to 100 MB, press enter, for type use Primary, press enter
4. Keep the partition type Ext3, select the mount point option and press enter, from the list select "/boot" and press enter. Then select Done setting up partition and press enter.
5. After its done making the partition select the free space again and press enter. Select Create new partition and then for size just use the remaining space. Press enter. For type use Primary, press enter.
6. At this step change the "Use as" to Physical volume for encryption and press enter. It uses device mapper amd dm-crypt, just like the in the manual for openSUSE. If we were to install this system to replace an existing system and wanted to destroy the data we would change the "Erase data" but at this point we don't need to. Change any other options to your liking and then select "Done setting up partition" and press enter.
7. After that is done select the newly appeared Configure encrypted volumes . Enter the passphrase you would like to use and press enter.
8. After you have configured your encrypted partition and wrote the changes to disk your new encrypted partition should appear and be named something like sda2_crypt. Select it and press enter. In "Use As:"''' select '''"physical volume for LVM" and press enter, end then Done setting up the partition
9. Back at the main screen select "Configure the Logical Volume Manager" and press enter. Create a volume group, for name i used "efs", select the space to use by pressing space, and press enter.
10. Then select "Create logical volume". choose your newly created volume group and press enter. Then create the name, I used "swap" and allocate the size, I used 2 GB. Repeat the same for root naming it "root" and allocating 3 GB, and home, naming it "home" and allocating the rest, or however you want to your liking.
11. Click "Finish".
12. You will be taken back to the main menu which now looks really busy.
13. Select your swap partition and edit Use as: to set it to swap area.
14. For home and root select Ext3 and set the corresponding mount point.
15. At the main screen select "Finish partitioning and write the changes to disk"
16. Your system will now begin base installation.
