HacksR: Setup Ubuntu 12.

04 server with full disk encryption

http://hacksr.blogspot.com.es/2012/05/setup-ubuntu-1204-ser...

Comparteix

Ms

Bloc segent

Crear bloc

Entra-hi

HacksR
Any results from my software-related tinkering sessions, I consider worth sharing with the world.
MONTAG, 14. MAI 2012 FOLLOWER

Setup Ubuntu 12.04 server with full disk encryption

Although there are several tutorials out there describing how to encrypt your system using dmcrypt. There are essentially two reasons why I made this one: 1. As preparation for the following tutorial on how to setup unlocking via SSH 2. To document the setup for myself. We start from scratch with installing ubuntu 12.04 LTS server. You can download it here. I won't go into the detail on the setup itself, but only the process of partitioning the disk. There are many ways to encrypt your harddisk. Arch wiki covers it pretty well if your're interested. I'll describe one specific way here. The goal: encrypting "root" and "swap". However, when you setup two encrypted paritions you set up two (different) passwords. I am pretty lazy, so I want to unlock all encrypted volumes at once. This is where LVM comes in. So I just create one encrypted partition and let LVM handle the rest of the partitioning. So let's go:

Mitglied dieser Site werden

mit Google Friend Connect

Es sind noch keine Mitglieder vorhanden. Seien Sie der Erste!

Sie sind bereits Mitglied? Anmelden

BLOG-ARCHIV

2012 (8) Juli (2) Juni (1) Mai (2) SSH unlock with fully encrypted ubuntu 12.04 serve... Setup Ubuntu 12.04 server with full disk encryptio... Mrz (1) Januar (2)

BER MICH

Christoph Gritschenberger Mein Profil vollstndig anzeigen

Obviously you are going to set up the partitions manually, so select "Manual" on this screen.

1 de 8

20/10/12 12:12

HacksR: Setup Ubuntu 12.04 server with full disk encryption

http://hacksr.blogspot.com.es/2012/05/setup-ubuntu-1204-ser...

I start with a completely empty disk. If it's not a new drive you should probably "secure erase" it first. So first you setup a boot-partition.

This partition will contain the kernel and the initialramfs required to unlock your system. I created a 200MB partition formatted as ext4. You can adjust the size according to your needs. Then setup a partition using up the rest of the space.

2 de 8

20/10/12 12:12

HacksR: Setup Ubuntu 12.04 server with full disk encryption

http://hacksr.blogspot.com.es/2012/05/setup-ubuntu-1204-ser...

Then select "Configure encrypted volumes" and then "Create encrypted volumes". Select the disks to use for encryption accordingly:

After setting the password you'll end up with an encrypted volume (e.g. sda2_crypt).

3 de 8

20/10/12 12:12

HacksR: Setup Ubuntu 12.04 server with full disk encryption

http://hacksr.blogspot.com.es/2012/05/setup-ubuntu-1204-ser...

Now select "Configure the Logical Volume Manager".

Select "Create Volume group" and give it a name. This name will be used to present your device in udev (/dev/mapper/yourlvmdisk).

4 de 8

20/10/12 12:12

HacksR: Setup Ubuntu 12.04 server with full disk encryption

http://hacksr.blogspot.com.es/2012/05/setup-ubuntu-1204-ser...

Make sure you select the encrypted volume for the volume group.

Then select "Create logical volume" to create a partition inside the volume group. Setup partitions as desired. You can control your layout at the end by selecting "Display configuration Details".

5 de 8

20/10/12 12:12

HacksR: Setup Ubuntu 12.04 server with full disk encryption

http://hacksr.blogspot.com.es/2012/05/setup-ubuntu-1204-ser...

I decided to setup just a root and a swap partition in this testsetup. If you want additional partitions (e.g. home) you need to create them here. When you're satisfied with your volume setup hit finish.

The volumes now appear as partitions in the partition manager and can be formatted like regular partitions.

6 de 8

20/10/12 12:12

HacksR: Setup Ubuntu 12.04 server with full disk encryption

http://hacksr.blogspot.com.es/2012/05/setup-ubuntu-1204-ser...

I setup the first partition as root-partition with ext4 as filesystem.

When you're done setting up the partitions hit "Finish partitioning and write changes to disk" and then carry on with the installation as usual. When the setup is finished and the system rebooted you will be prompted the password for the volume. Congratulations! Your system is now fully encrypted.

Eingestellt von Christoph Gritschenberger um 02:52 Labels: ubuntu precise server luks lvm dmcrypt

+2 Auf Google empfehlen

Keine Kommentare: Kommentar verffentlichen

7 de 8

20/10/12 12:12

HacksR: Setup Ubuntu 12.04 server with full disk encryption

http://hacksr.blogspot.com.es/2012/05/setup-ubuntu-1204-ser...

Geben Sie einen Kommentar ein...

Kommentar schreiben als:

Prol auswhlen... Vorschau

Startseite lterer Post

Verentlichen
Neuerer Post

Abonnieren Kommentare zum Post (Atom)

Simple-Vorlage. Powered by Blogger.

8 de 8

20/10/12 12:12