Is there a sane way to do full-volume encryption under Linux? dmcrypt is entirely command-line driven, and one would practically have to attend a seminar to know how to how to configure this shit.
No version of GParted that I know of can manage this, or even read / manipulate encrypted partitions.
Other urls found in this thread:
mhogomchungu.github.io
securityaffairs.co
twitter.com
Veracrypt
If you're only using a single drive, most GUI installers handle it.
What i can't find how the fuck to do is encrypting a full setup consisting of two or more drives without wasting my life in google and the terminal, even on Windows is like 3 or 4 clicks to do that shit.
>If you're only using a single drive, most GUI installers handle it.
I don't generally use distros that have GUI installers, and those that do don't support encryption. I'm guessing that's more likely to be the case with Ubuntu, which I have no interest in using for any reason.
It doesn't support full-volume encryption under GNU/Linux, and I wouldn't trust an unauthorized fork of TrueCrypt anyway.
you best attend that seminar OP
>Is there a sane way to do full-volume encryption under Linux?
Yes.
>dmcrypt is entirely command-line driven, and one would practically have to attend a seminar to know how to how to configure this shit.
It's ridiculously easy. Just follow some tutorial.
All installers I can think of support full disk encryption, even the text ones.
Btw, you shouldn't trust encryption if you don't understand it.
What memeOS do you use?
>spending hours in command line space juggling verbose operations
>"ridiculously easy"
Okay.
>you shouldn't trust encryption if you don't understand it
I know what encryption is, user. Having perfect recall of a very specific series of command line functions for applying said encryption is another matter entirely.
I'm not joking. It's far from hard.
>Fill disk with random data
>cryptsetup luksFormat /path/to/device
>cryptsetup luksOpen /path/to/device volume_name
>mkfs.ext4 /dev/mapping/volume_name
>mount /dev/mapping/volume_name /mount/directory
Also, is not knowing what encryption is, is knowing the algorithm and having a general idea of how it's implemented.
Well in gnome disk manager when you pick a file system type you pick ext4+Luks. It's that easy, on fedora at least.
btw: don't forget to close the device after using it
cryptsetup luksClose/path/to/device
>spending hours in command line space juggling verbose operations
Does your shitOS not have any kind of scripting functionality or are you just retarded?
Install Solus. Seriously, it's file system has military grade encryption by default, with no cpu overhead and no need for password.
Actually, the CIA and NSA are using solus on their servers.
This guy is right. You should try solus, it's the best OS.
>What i can't find how the fuck to do is encrypting a full setup consisting of two or more drives without wasting my life in google and the terminal, even on Windows is like 3 or 4 clicks to do that shit.
Thought i was the only one, still unable to find a distro that lets you do that easily.
Where exactly did you get stuck?
Except the package manager has no useful software.
>and no need for password.
Oh, you are trolling him... Here is a (you)
None of the usual GUI installers have options to do that, only a box that says "encrypt entire installation" which refers to a single drive.
The arch wiki explains how to make your lvm, make the containers and set up a password but nothing else. How am i supposed to merge the opened containers with the GUI installer from a distro?
I didn't understand what you said. I have used several distros in a ssd+hdd lvm+luks setup.
(it's easy, really)
Please explain more clearly what you did and where you stopped.
>wants to encrypt hard drive
>doesn't know CLI
nigger
>None of the usual GUI installers have options to do that, only a box that says "encrypt entire installation" which refers to a single drive.
Also, they do. Just choose manual partitioning.
What does one thing have to do with the other?
Downloaded xubuntu as a common distro and ran a VM to test again, this is where i get stuck.
I don't think I understood it correctly. Do you have two physical volumes, one encrypted and one not, and you create a lvm over both? That don't make much sense.
Encrypt sda2 and sdb1, then create the lvm over it.
After that you are basically done. The partitions should show up in the installer when clicking "advanced partition layout". Install normally.
Then create /etc/crypttab on the target, chroot and install grub.
Maybe i'm fucking up the partitioning because i'm stupid.
I have two physical drives, i'd like to have root and swap on sda and home on sdb, both drives encrypted with a single passphrase.
>chroot and install grub
Care to explain to a pleb?
Run luksFormat on sda2 and sdb1.
luksOpen both.
Create your volume groups.
Create you logical volumes, to specify a physical volume for each partition just add it's path at the end of the lvcreate command.
Mount the root partition on /mnt/root
mount -t proc proc /mnt/root/proc/
mount -t sysfs sys /mnt/root/sys/
mount -o bind /dev /mnt/root/dev/
chroot /mnt/root
grub-mkconfig
grub-install /dev/sda
should work
>grub-mkconfig
>grub-install /dev/sda
I don't remember if that is the correct order. So run mkconfig after install again.
I have to sleep. I hope it worked for you, you dense weaboo, proprietary faggot.
>full-volume
E L E V E N
L
E
V
E
N
Ubuntu has an option to encrypt the volume when you do a fresh install. No idea of any details about it though.
>recommending a encryption solution that grants people a root shell just by holding down the enter key for 70 seconds
sounds secure
securityaffairs.co
Do you even read what you post?
>The experts highlighted the fact that anyway the attacker is not able to access to to the contents of the encrypted drive.
Dumb meme poster, I bet you saw the headlines in some shit tech consumerist site and thought you are the smartest retard on earth.
Also, learn what the initram is and does.