alanorth / arch-install-encrypted.md
Mostly follows the Arch Linux install guide, but with tips from these for the encryption setup:
Find the correct disk and clear all existing partitions with sgdisk:

```
# fdisk -l
# sgdisk --zap-all /dev/sda
```
Use gdisk to create a new GUID partition table (press «o») and two partitions (press «n»):
- Partition 1: 512M (or more) for /boot with type «EF00»
- Partition 2: the rest of the disk for LVM with type «8E00» (we will create root, home, etc here using LVM)
Format the boot partition with mkfs.fat:
Create Encrypted LUKS partition
Uses 128-bit AES (double to -s 512 if you want 256-bit; XTS splits the key in half) and SHA-256, because the NSA is not my adversary, but I don’t want random people to be able to get my shit if I lose my laptop. Creates the encrypted device and then LVM inside it, for as many partitions as you want.

```
# cryptsetup -v -y -c aes-xts-plain64 -s 256 -h sha256 -i 2000 --use-urandom luksFormat /dev/sda2
# cryptsetup open /dev/sda2 luks
# pvcreate /dev/mapper/luks
# vgcreate vg0 /dev/mapper/luks
# lvcreate --size 6G vg0 --name root
# lvcreate -l +100%FREE vg0 --name home
# mkfs.ext4 /dev/mapper/vg0-root
# mkfs.ext4 /dev/mapper/vg0-home
```
Follow the Arch Linux install guide here, as from now on it’s mostly the same:

```
# mount /dev/mapper/vg0-root /mnt
# mkdir /mnt/home /mnt/boot
# mount /dev/mapper/vg0-home /mnt/home
# mount /dev/sda1 /mnt/boot
# pacstrap /mnt base base-devel vim
# genfstab -U /mnt >> /mnt/etc/fstab
# arch-chroot /mnt
```
- You must edit the mkinitcpio.conf file before generating the initramfs to add support for lvm2
- Then adjust HOOKS according to the dm-crypt system configuration guide (using either the base or the systemd variant)
- probably need to add dm-crypt ext4 to MODULES (?)
- If using the busybox initramfs (i.e., udev in HOOKS): `cryptdevice=UUID=<uuid>:vg0 root=/dev/mapper/vg0-root`, where the UUID is that of the underlying encrypted block device (i.e., sda2), not the ext4 partition
- If using the systemd initramfs (i.e., systemd in HOOKS): `luks.name=0000-0000-0000-0000=vg0 root=/dev/mapper/vg0-root`, where the UUID is that of the underlying encrypted block device (i.e., sda2)
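The two points above that people most often get wrong are the hook order in mkinitcpio.conf and which UUID goes on the kernel command line. The script below is an added example (not part of the original gist): it parses blkid-style output, picks the UUID of the crypto_LUKS device rather than of an ext4 filesystem, builds both parameter forms, and checks that keyboard, the crypt hook, lvm2 and filesystems appear in a workable order. The blkid lines, the UUIDs and the HOOKS strings are constructed sample values, and `vg0` / `vg0-root` follow the names used above.

```shell
#!/bin/sh
# Added example: derive the kernel parameters for an encrypted LVM root from
# blkid output and sanity-check mkinitcpio HOOKS ordering. Works offline on the
# constructed sample below; on a real system use: BLKID_SAMPLE="$(blkid)".

# Constructed blkid-style output (hypothetical UUIDs, not real devices).
BLKID_SAMPLE='/dev/sda1: UUID="1A2B-3C4D" TYPE="vfat" PARTUUID="11111111-01"
/dev/sda2: UUID="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee" TYPE="crypto_LUKS" PARTUUID="11111111-02"
/dev/mapper/vg0-root: UUID="11111111-2222-3333-4444-555555555555" TYPE="ext4"
/dev/mapper/vg0-home: UUID="66666666-7777-8888-9999-000000000000" TYPE="ext4"'

# Print the UUID of the first crypto_LUKS device in blkid output ($1).
# The leading space before UUID= keeps PARTUUID= from matching.
luks_uuid() {
    printf '%s\n' "$1" | grep 'TYPE="crypto_LUKS"' \
        | sed -n 's/.* UUID="\([^"]*\)".*/\1/p' | head -n 1
}

# Return 0 only if UUID $2 belongs to a crypto_LUKS entry in blkid output $1,
# i.e. it is the container, not the ext4 filesystem inside it.
is_luks_uuid() {
    printf '%s\n' "$1" | grep " UUID=\"$2\"" | grep -q 'TYPE="crypto_LUKS"'
}

# Kernel parameters for the busybox (udev/encrypt) initramfs.
busybox_params() {
    printf 'cryptdevice=UUID=%s:vg0 root=/dev/mapper/vg0-root' "$1"
}

# Kernel parameters for the systemd (sd-encrypt) initramfs, in the page's form.
systemd_params() {
    printf 'luks.name=%s=vg0 root=/dev/mapper/vg0-root' "$1"
}

# Minimal HOOKS orderings for the two variants (constructed; your real
# mkinitcpio.conf may carry extra hooks such as microcode, kms or keymap).
HOOKS_BUSYBOX="base udev autodetect keyboard keymap modconf block encrypt lvm2 filesystems fsck"
HOOKS_SYSTEMD="base systemd autodetect keyboard sd-vconsole modconf block sd-encrypt lvm2 filesystems fsck"

# Print the 1-based position of hook $2 in hook list $1, or 0 if absent.
hook_index() {
    i=0
    for h in $1; do
        i=$((i + 1))
        [ "$h" = "$2" ] && { echo "$i"; return 0; }
    done
    echo 0
}

# Return 0 if keyboard precedes the crypt hook ($2), which precedes lvm2,
# which precedes filesystems. Otherwise the passphrase prompt has no keyboard,
# or lvm2 runs before the LUKS mapping exists.
hooks_ok() {
    k=$(hook_index "$1" keyboard)
    c=$(hook_index "$1" "$2")
    l=$(hook_index "$1" lvm2)
    f=$(hook_index "$1" filesystems)
    [ "$k" -gt 0 ] && [ "$c" -gt "$k" ] && [ "$l" -gt "$c" ] && [ "$f" -gt "$l" ]
}

# Demo on the constructed sample.
uuid=$(luks_uuid "$BLKID_SAMPLE")
echo "busybox: $(busybox_params "$uuid")"
echo "systemd: $(systemd_params "$uuid")"
hooks_ok "$HOOKS_BUSYBOX" encrypt && echo "busybox HOOKS order ok"
hooks_ok "$HOOKS_SYSTEMD" sd-encrypt && echo "systemd HOOKS order ok"
```

Feed it the output of `blkid` on the live system and paste the printed line into the bootloader entry; if `is_luks_uuid` rejects the UUID you intended to use, you copied the ext4 one from /dev/mapper/vg0-root instead of the container on sda2.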
```
# useradd -m aorth
# passwd aorth
# pacman -S xorg-server xf86-video-fbdev
# pacman -S plasma-desktop sddm breeze-gtk konsole
```