You are not logged in.

Pages: 1

#1 2015-07-10 14:14:08

johnnnie
Member
Registered: 2015-07-10
Posts: 1

EFI, dualboot, drive encryption and partitioning - setup advice

Hello everyone,

I would like to ask you for the advice. At the moment I do have a dual boot system with BIOS legacy mode, MBR based drive. I would like to introduce encryption for both Windows (using BitLocker) and ArchLinux. I assume that the proper way to achieve that is to have GPT drive, EFI boot, SecureBoot enabled and use dm-crypt for ArchLinux partition.

This is what my current drive layout looks like:

Disk /dev/sda: 238.5 GiB, 256060514304 bytes, 500118192 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x5e29f575

Device     Boot     Start       End   Sectors   Size Id Type
/dev/sda1  *         2048    718847    716800   350M  7 HPFS/NTFS/exFAT
/dev/sda2          718848 245762047 245043200 116.9G  7 HPFS/NTFS/exFAT
/dev/sda3       245764094 500117503 254353410 121.3G  5 Extended
/dev/sda5       245766144 500117503 254351360 121.3G 83 Linux

I would like to ask you whether it is possible to create bit copy of sda2 (where my Windows C: drive is so that I do not have to reinstall it in case error occures, ArchLinux reinstallation is not a problem), what tool should be used.

Then what is the correct drive partitioning for such a setup (namely do I need two "EFI" partitions for Win and Arch?), whether gdisk could be used to convert the drive to GPT partition table and what is the correct or advised bootloader (since historically I do have experience with GRUB on BIOS boot mode only).

Thanks for your replies and wish you the best.

Johnnnie

Offline

#2 2015-07-10 20:28:06

Head_on_a_Stick
Member
From: The Wirral
Registered: 2014-02-20
Posts: 8,999
Website

Re: EFI, dualboot, drive encryption and partitioning - setup advice

johnnnie wrote:

SecureBoot enabled

You may have trouble with that but I have seen one thread (can't be bothered searching for it) in which an Arch user got Secure Boot working.
http://www.rodsbooks.com/efi-bootloader … eboot.html
http://kroah.com/log/blog/2013/09/02/bo … nux-kernel

johnnnie wrote:

I would like to ask you whether it is possible to create bit copy of sda2 (where my Windows C: drive is so that I do not have to reinstall it in case error occures, ArchLinux reinstallation is not a problem), what tool should be used.

Windows will need the sda1 partition as well and will likely not function at all if you convert the partition table to a GUID type.

I think you will have to re-install Windows to your GPT drive.

johnnnie wrote:

do I need two "EFI" partitions for Win and Arch?

No, you should share the same (Windows-generated) EFI system partition.

johnnnie wrote:

what is the correct or advised bootloader

I recommend systemd-boot, nee gummiboot

However, are you sure that you need to convert to EFI-mode to use full-system encryption?

I have no experience of encryption but I'm pretty sure it works just fine in non-EFI systems.

Jin, Jîyan, Azadî

Offline

Pages: 1

Board footer

Powered by FluxBB