You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2018-01-31 13:17:11
- Started from the Bottom
- Member
- Registered: 2018-01-31
- Posts: 3
Install Arch Linux encrypted fails
Hello everybody
Although I already have some experience with Linux, but unfortunately I fail due to the encrypted installation of Arch Linux.
I know there are instructions for this, some of them are very different and partly, at least in my opinion, a bit confusing.
- Encrypted boot partition (/dev/sda1 with 512 MB)
- Encrypted swappable partition (/dev/sda2 with 6 GB)
- Encrypted root partition (/dev/sda3 with the leftover memory)
- Grub bootloader
The hard disk is partitioned and set up as follows
cryptsetup -c aes-xts-plain -y -s 512 luksFormat / dev / sda1 (boot partition)
cryptsetup luksFormat --type luks2 /dev/ sda2 (swap partition)
cryptsetup luksFormat --type luks2 /dev/ sda3 (root partition)
cryptsetup open /dev/sda1 boot
cryptsetup open /dev/sda2 swap
cryptsetup open /dev/sda3 root
mkfs.ext2 /dev/mapper/boot
mkswap /dev/mapper/swap
mkfs.ext4 /dev/mapper/root
I tried following the instructions below to install: https://wiki.archlinux.org/index.php/Dm … .28GRUB.29
I have entered the following in /etc /default/grub
GRUB_CMDLINE_LINUX = "cryptdevice=UUID=<device-UUID>:root "
GRUB_ENABLE_CRYPTODISK = y
It does not matter if I have entered the UUID which ls -la /dev/disk/by-uuid has entered or the UUID which ls -la /dev/disk/by-partuuid has indicated to me. I get the same error every time after grub-install /dev/sda --recheck. The error is "grub-install: error: 'cryptouuid / xxxxxxxxxxxxxxx' not found."
Where did I make a mistake? I hope I have already given all the necessary information.
Offline
#2 2018-01-31 21:51:57
- Trilby
- Inspector Parrot
- Registered: 2011-11-29
- Posts: 29,525
- Website
Re: Install Arch Linux encrypted fails
The instructions you linked to are for UEFI booting, is yours a UEFI system? The wiki describes a separate EFI partition, which you do not have.
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
#3 2018-02-01 00:39:43
- Started from the Bottom
- Member
- Registered: 2018-01-31
- Posts: 3
Re: Install Arch Linux encrypted fails
It’s not a UEFI System.
Offline
#4 2018-02-01 00:59:34
- Trilby
- Inspector Parrot
- Registered: 2011-11-29
- Posts: 29,525
- Website
Re: Install Arch Linux encrypted fails
There's your problem.
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
#5 2018-02-01 09:24:52
- Started from the Bottom
- Member
- Registered: 2018-01-31
- Posts: 3
Re: Install Arch Linux encrypted fails
Why? Does the encryption of all three partitions (boot/swap/root) only work on UEFI systems?
Last edited by Started from the Bottom (2018-02-01 09:25:16)
Offline
#6 2018-02-01 12:20:56
- Trilby
- Inspector Parrot
- Registered: 2011-11-29
- Posts: 29,525
- Website
Re: Install Arch Linux encrypted fails
The instructions you linked to were explicitly for a UEFI system where the EFI partition would not be encrypted. All other instructions on that page are also for unencrypted boot partitions.
I don't have the relevant experience experience to know if there is any way to have an encrypted boot (without an unencrypted efi or extra boot partition) though it does seem unlikely to me: *something* has to run the decryption process, and unless your firmware will handle that, it must be done in software which in turn must be executable before any decryption. I suppose this *might* be possible in the MBR code of a bootloader. I say *might* as this is where I lack the relevant experience on encryption.
However, I do feel adequately expereinced at reading simple instructions, and it is clear that none of the instructions in the wiki suggest that an encrypted boot partition is possible without having some unencrypted supplement (e.g. an unencrypted EFI partition).
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
#7 2018-02-03 18:48:22
- mxfm
- Member
- Registered: 2015-10-23
- Posts: 163
Re: Install Arch Linux encrypted fails
I seems you missed unencrypted UEFI partition (at least it was not mentioned in your post). If you think that 'encrypted boot' means 'encrypted UEFI', this is wrong. UEFI partition cannot be encrypted at all, because computer firmware does not support it.
By the way, you posted a link to wiki article which clearly mentions EFI partition.
Offline
#8 2018-02-03 18:53:59
- mxfm
- Member
- Registered: 2015-10-23
- Posts: 163
Re: Install Arch Linux encrypted fails
Why? Does the encryption of all three partitions (boot/swap/root) only work on UEFI systems?
???
Encryption of all three partitions (boot/swap/root) can also work on grub i386 platform. You asking the wrong question.
The right question is "why my setup cannot be booted if I am using UEFI?". The answer is absence of EFI partition.
Please look carefully at the table in wiki article you pointed. The archwiki spec is quite good about grub, uefi, dm-crypt and booting stuff. I don't see what can be useful said which is not in the wiki already.
EDIT: Somehow I have misread your post. So, you do not have UEFI.
Then I would advice explicitly specify target for 'grub-install' command. It should be '--target=i386-pc' (although judging by that grub-install works with '/dev/sd...' argument it installs i386-pc platform, because this arguement is invalid for uefi platform). You can try put 'verbose' flag for grub-install and provide the output.
Last edited by mxfm (2018-02-03 21:21:12)
Offline
#9 2018-02-03 19:59:44
- Trilby
- Inspector Parrot
- Registered: 2011-11-29
- Posts: 29,525
- Website
Re: Install Arch Linux encrypted fails
mxfm, there is no need to double post. Also please read the thread: the OP already explicitly clarified that they do not have a UEFI system.
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
Pages: 1