Some background.
My working machine has several partitions in which I have the following OS's installed:
Slackware (my current "main" distro)
Ubuntu and Windows 7 (Needed for academic reasons)
Two other partitions with distros to fulfill special purposes (currently with Mint and Tails)
I handle the boot with Lilo installed from Slackware and I am currently not comfortable to switch bootloaders or hand control from lilo to another distro. (So far what I have been doing is to install the bootloaders for other distros (Ubuntu, Mint...) in their own partition and edit/update lilo from Slackware to correct the boot)
However, I have been using Slack for some time and maybe it's time to try a new distro, and since I keep hearing and reading a lot of good things about Arch, I decided to give it a try.
I have some knowledge of Linux but I confess that when it comes to either encryption or the booting process my knowledge is very limited, and that is the main reason for this post.
I would like to install Arch on top of the Mint partition but I am unsure about a few procedures mentioned in the installation guides and tutorials.
1 - To correctly implement encryption, the tutorial states that I need to wipe the current data; is overwriting with zeros OK or should I go for random data?
2 - It is not clear to me "who" handles the keys, I mean, if I use the LUKS method mentioned, I suppose that they will be stored "somehow" in /boot, but how will the bootloader be able to handle it?
3 - Still about 2, will I need to install some bootloader for Arch (Grub/Syslinux) in the partition or can I manage the entire process from lilo via Slack? If I can, is there any risk of the encryption process also encrypting the UUID of the partition and, if it does, how do I correctly fill in lilo.conf while in Slack?
4 - A few years ago I tried to test and encrypt one Slack installation that I had and I ran into some problems that required kernel compilation to add some crypt support, and some quirks about logical partitions and hibernation issues; can I expect the same kind of problems in Arch as well?
Last edited by DecioSP (2015-04-09 07:15:02)
Hi DecioSP,
welcome to the Arch forums.
1) Which tutorial do you refer to? You should go for random data, methods here: https://wiki.archlinux.org/index.php/Dm … disk_drive
2) The encryption key itself is stored in the header of the LUKS device, but can only be unlocked using a passphrase (or keyfile - which then you must store somewhere secure, yes) you specify at the time of creating the dm-crypt/LUKS block device. https://wiki.archlinux.org/index.php/Di … tion_works
3) You can manage it from your existing lilo and there is no requirement to install one from Arch in parallel. Basically you only need to add crypto parameters to the boot menu item's kernel options. These are picked up by the Arch initramfs to unlock the encrypted device to boot from. https://wiki.archlinux.org/index.php/Dm … figuration
Arch kernels are not versioned by default. Therefore you only need to set up your lilo menu entry once. The LUKS block device gets its own UUID (from which the system is booted), different to the UUID of the partition.
4) No. Everything required for this is in Arch's "base" group of packages & repo kernel config. Hibernation of an encrypted system can be a little tricky to configure, you should do that later. https://wiki.archlinux.org/index.php/Dm … encryption
What you should do right away though is to encrypt your swap partition, which you obviously have.
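Added example, not part of the original posts: a parser for the LUKS1 on-disk header, showing what the header mentioned in answer 2 holds, namely the LUKS UUID, a salted digest of the master key, and eight key slots pointing to passphrase-wrapped copies of that key. It assumes the LUKS1 layout; the sample header, its UUID and slot values are constructed for the demonstration, and `parse_luks1_header` and `build_sample_header` are names made up here.

```python
import struct

# LUKS1 on-disk header, big-endian: 208 fixed bytes + 8 key slots of 48 bytes.
PHDR = struct.Struct(">6sH32s32s32sII20s32sI40s")
SLOT = struct.Struct(">II32sII")
LUKS_MAGIC = b"LUKS\xba\xbe"
SLOT_ENABLED, SLOT_DISABLED = 0x00AC71F3, 0x0000DEAD


def _text(raw):
    return raw.split(b"\0", 1)[0].decode("ascii")


def parse_luks1_header(blob):
    """Return the LUKS1 header fields as a dict; raise ValueError if invalid."""
    if len(blob) < PHDR.size + 8 * SLOT.size:
        raise ValueError("truncated header")
    (magic, version, cipher, mode, hash_spec, payload_offset, key_bytes,
     mk_digest, mk_salt, mk_iter, uuid) = PHDR.unpack_from(blob, 0)
    if magic != LUKS_MAGIC or version != 1:
        raise ValueError("not a LUKS1 header")
    slots = []
    for i in range(8):
        active, iterations, salt, km_offset, stripes = SLOT.unpack_from(
            blob, PHDR.size + i * SLOT.size)
        slots.append({"slot": i, "enabled": active == SLOT_ENABLED,
                      "iterations": iterations, "km_offset": km_offset,
                      "stripes": stripes})
    # mk_digest only verifies an unlocked key; the master key is not stored in clear.
    return {"cipher": f"{_text(cipher)}-{_text(mode)}", "hash": _text(hash_spec),
            "key_bits": key_bytes * 8, "payload_offset": payload_offset,
            "mk_digest": mk_digest.hex(), "uuid": _text(uuid), "slots": slots}


def build_sample_header():
    """Constructed sample: one passphrase slot enabled, seven disabled."""
    head = PHDR.pack(LUKS_MAGIC, 1, b"aes", b"xts-plain64", b"sha1", 4096, 64,
                     bytes(20), bytes(32), 1000,
                     b"00000000-1111-2222-3333-444444444444")
    slots = SLOT.pack(SLOT_ENABLED, 2000, bytes(32), 8, 4000)
    slots += b"".join(SLOT.pack(SLOT_DISABLED, 0, bytes(32), 8 + 512 * i, 4000)
                      for i in range(1, 8))
    return head + slots


if __name__ == "__main__":
    hdr = parse_luks1_header(build_sample_header())
    print(hdr["uuid"], hdr["cipher"], hdr["key_bits"], "bit master key")
    print("enabled key slots:", [s["slot"] for s in hdr["slots"] if s["enabled"]])
```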
Thanks Strike0.
I managed to install it by following the tutorials that you posted and as far as I could test it is running fine. (This weekend I will see if I can put bumblebee and i3 to work and also see if hibernation is working as expected)
However, in order to boot it correctly I had to use the UUID from the root logical partition. (Probably due to some quirk in lilo I was not able to figure out)
Anyway, it worked with the UUID and that will work for now (maybe I will come back later to try to figure out what I am missing in lilo.conf).
Last edited by DecioSP (2015-04-09 07:41:33)
Ok, great it worked. Somehow I am pretty sure you are going to enjoy how this distro rolls.
Yes, my wording was a bit ambiguous, with "device to boot from" the root was meant and not /boot. I should have written "root device to boot" or something.