99 lines
1.8 KiB
Markdown
99 lines
1.8 KiB
Markdown
---
|
|
title: "encrypted"
|
|
tags: [ "Documentation", "distros" ]
|
|
---
|
|
> # taken from https://0x00sec.org/t/arch-linux-with-lvm-on-luks-dm-crypt-disk-encryption-installation-guide-legacy-bios-system/1479
|
|
|
|
> # if you need wifi
|
|
|
|
> wifi-menu
|
|
|
|
> timedatectl set-ntp true
|
|
|
|
> fdisk -l
|
|
|
|
> parted /dev/sda
|
|
|
|
> (parted) mklabel msdos
|
|
|
|
> (parted) mkpart primary ext2 1MB 512MB
|
|
|
|
> (parted) mkpart primary ext4 512MB 100%
|
|
|
|
> (parted) print
|
|
|
|
> (parted) set 1 boot on
|
|
|
|
> (parted) quit
|
|
|
|
> fdisk -l
|
|
|
|
> cryptsetup luksFormat /dev/sda2
|
|
|
|
> # make a name. Here I use "crypt".
|
|
|
|
cryptsetup open /dev/sda2 crypt
|
|
|
|
> pvcreate /dev/mapper/crypt
|
|
|
|
> # now a group name - "usb"
|
|
|
|
> vgcreate usb /dev/mapper/crypt
|
|
|
|
|
|
> lvcreate -L 8GB usb -n swap
|
|
> lvcreaate -L 30G usb -n root
|
|
> lvcreate -l 100%FREE usb -n home
|
|
|
|
> mkfs.ext4 /dev/mapper/usb-home
|
|
mkfs.ext4 /dev/mapper/usb-root
|
|
> mkswap /dev/mapper/usb-swap
|
|
|
|
> mkfs.ext2 /dev/sda1
|
|
|
|
> mount /dev/mapper/usb-root /mnt
|
|
mkdir /mnt/home
|
|
> mount /dev/mapper/usb-home /mnt/home
|
|
mkdir /mnt/boot
|
|
> mount /dev/sda1 /mnt/boot
|
|
swapon /dev/mapper/usb-swap
|
|
|
|
pacstrap -i /mnt base base-devel efibootmgr grub
|
|
|
|
genfstab -U /mnt >> /mnt/etc/fstab
|
|
|
|
arch-chroot /mnt
|
|
|
|
############ new root #############
|
|
|
|
ln -sf /usr/share/zoneinfo/Europe/Belgrade /etc/localtime
|
|
|
|
# uncomment en_GT.UTF-8
|
|
> vi /etc/locale.gen
|
|
|
|
> locale-gen
|
|
|
|
> # add `LANG=en_GB.UTF-8` to /etc/locale.conf
|
|
|
|
> vi /etc/locale.conf
|
|
|
|
> echo crypt > /etc/hostname
|
|
|
|
> # make sure keyboard encrypt lvm2 are on the list of HOOKS
|
|
|
|
> vi /etc/mkinitcpio.conf
|
|
|
|
> grub-install /dev/sda
|
|
|
|
> vi /etc/default/grub
|
|
edit the GRUB_CMDLINE_LINUX=""
|
|
|
|
`GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda2:usb root=/dev/mapper/usb-root"`
|
|
|
|
> grub-mkconfig -o /boot/grub/grub.cfg
|
|
|
|
> mkinitcpio -p linux
|
|
|
|
> pacman -S wpa_supplicant dialog
|
|
|