
#1 2010-12-19 17:07:30

asd01
Member
Registered: 2010-12-19
Posts: 19

Installing with LUKS/dm-crypt and key file stored in the MBR

Hello,

I'm about to perform my first install of Arch. I did lots of reading on this topic and I think I have a fair grasp of the installation process, but there are a couple of questions still bugging me. I will describe in short what I want to do and how I want to do it. Any corrections or suggestions are more than welcome!

1.    Check disk for errors:

#badblocks -c 10240 -s -w /dev/sda
#badblocks -c 10240 -s -w /dev/sdb
#badblocks -c 10240 -s -w /dev/my_usb

2.    Overwrite everything with "random" data:

#dd if=/dev/urandom of=/dev/sda bs=1M
#dd if=/dev/urandom of=/dev/sdb bs=1M
#dd if=/dev/urandom of=/dev/my_usb bs=1M

3.    Partitioning of two hard drives. On /dev/sda I will create small (250 MB), unencrypted boot (primary) and 4G swap (primary). Remaining space I will allocate to LVM. Whole of /dev/sdb will be designated as LVM.
4.    Encrypting LVM and adding extra passphrase.

#dd if=/dev/urandom of=mykeyfile bs=512 count=4
#cryptsetup luksFormat -c aes-xts-plain -s 512 /dev/sda3 mykeyfile
#cryptsetup luksOpen /dev/sda3 sda3 --key-file mykeyfile
#cryptsetup luksAddKey /dev/sda3 --key-slot 1 --key-file mykeyfile

5.    Moving key file to usb stick MBR

#lsusb -v | grep -A 5 Vendor
#echo 'KERNEL=="sd*", ATTRS{serial}=="$SERIAL", SYMLINK+="$SYMLINK%n"' > /etc/udev/rules.d/8-usbstick.rules

QUESTION: What should I replace the $SYMLINK value with?

#udevadm trigger
#ls /dev
#dd if=path_to_my_key_file of=/dev/my_usb bs=512 seek=4
#shred --remove --zero mykeyfile

During step 12 I will modify menu.lst with the following:

#kernel /vmlinuz26 root=/dev/hda3 ro vga=791 cryptkey=/dev/my_usb:2048:2048

QUESTION: Where do I find path for "cryptkey=/dev/my_usb"?
QUESTION: Where do I find correct values for offset and size?

6.    Swap

#echo swap /dev/sda2 SWAP "-c aes-xts-plain -h whirlpool -s 512" >> /mnt/etc/crypttab

7.    Creating PV, then VG. Expanding VG and creating LV.

#pvcreate /dev/mapper/sda3
#pvdisplay
#vgcreate VolGroup00 /dev/mapper/sda3
#vgextend VolGroup00 /dev/sdb1
#lvcreate -L 40G VolGroup00 -n usr
#lvcreate -L 40G VolGroup00 -n tmp
#lvcreate -L 40G VolGroup00 -n var
#lvcreate -L 40G VolGroup00 -n srv
#lvcreate -L 40G VolGroup00 -n opt
#lvcreate -L 40G VolGroup00 -n local
#lvcreate -L 70G VolGroup00 -n root
#lvcreate -l +100%FREE VolGroup00 -n home
#lvdisplay

8.    FS and mount.

#mkfs.ext2 /dev/sda1
#vgchange -ay
#mkfs.reiserfs /dev/mapper/VolGroup00-root
#mount /dev/mapper/VolGroup00-root /mnt
#mount /dev/sda1 /mnt/boot

Mount the remaining LVs to their respective mount points.

9.    /arch/setup
    Select Packages
10.    /arch/setup
    Install Packages
11.    /arch/setup
    Configure the system
    /etc/rc.conf
    USELVM="yes"
    /etc/mkinitcpio.conf
    MODULES="reiserfs"
    HOOKS="base udev autodetect pata scsi sata usb usbinput keymap encrypt lvm2 filesystems"
12.    /arch/setup
    Install Bootloader
    /boot/grub/menu.lst
    kernel /vmlinuz26 cryptkey=/dev/my_usb:2048:2048 cryptdevice=/dev/sda3:lvm root=/dev/mapper/VolGroup00-root ro
13.    Reboot

ADDITIONAL QUESTIONS
1.    I'm using ReiserFS as I want to have cryptocompression for which, if I understand correctly, I need to patch my kernel. Is this the way to do it: follow all the above steps, install Arch and configure it, reboot, patch the kernel, reboot again?
2.    Regarding step 4, creating the udev rule for the usb stick - do I have to repeat it during step 10? If yes, how should I do it? Will simply repeating step 4 be sufficient?
3.     Should I repeat step 5 (swap) at any point during the installation or afterwards?

Thanks for reading this rather lengthy post! Comments, suggestions and corrections will be most appreciated!
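The raw-offset key scheme from step 5 and the matching cryptkey= triple from step 12, rehearsed on a scratch image file instead of a real USB stick (an added example, not part of the original post): it writes a 2048-byte key 2048 bytes into the image with the same dd arguments, reads that region back the way the encrypt hook would, checks that sector 0 (the MBR) was left untouched and that the key region ends before the first partition's start sector, and prints the cryptkey= argument those numbers imply. The function names, image path and scratch layout are my own assumptions.

```shell
#!/bin/sh
# Rehearsal of step 5 on a scratch image (added example, not from the post).
# The key is parked in the gap between the MBR (sector 0) and the first
# partition, at byte KEY_OFFSET for KEY_SIZE bytes; those two numbers are
# exactly what cryptkey=<device>:<offset>:<size> expects at boot.
set -eu

KEY_SIZE=2048     # "dd if=/dev/urandom of=mykeyfile bs=512 count=4" => 4*512
KEY_OFFSET=2048   # "dd ... of=/dev/my_usb bs=512 seek=4"            => 4*512

# Write the key into DEV at KEY_OFFSET. conv=notrunc is essential on an
# image file: without it dd truncates the file before seeking.
key_write() {  # key_write <keyfile> <dev-or-image>
    dd if="$1" of="$2" bs=512 seek=$((KEY_OFFSET / 512)) conv=notrunc 2>/dev/null
}

# Read the same region back, as the encrypt hook will hand it to cryptsetup.
key_readback() {  # key_readback <dev-or-image> <outfile>
    dd if="$1" of="$2" bs=1 skip="$KEY_OFFSET" count="$KEY_SIZE" 2>/dev/null
}

# The kernel line fragment for step 12, derived from the same two constants.
cryptkey_arg() {  # cryptkey_arg <device>
    printf 'cryptkey=%s:%s:%s\n' "$1" "$KEY_OFFSET" "$KEY_SIZE"
}

# True when the key region ends before the first partition starts (the fdisk
# "Start" column, in 512-byte sectors), i.e. it cannot clobber partition data.
fits_before_partition() {  # fits_before_partition <first-partition-start-sector>
    [ $((KEY_OFFSET + KEY_SIZE)) -le $(($1 * 512)) ]
}

# Self-check on a constructed 1 MiB image standing in for /dev/my_usb:
# the key round-trips intact, sector 0 (MBR) is untouched, and the matching
# cryptkey= argument is printed.
demo() {
    work=$(mktemp -d); trap 'rm -rf "$work"' EXIT
    dd if=/dev/urandom of="$work/usb.img" bs=1024 count=1024 2>/dev/null
    cp "$work/usb.img" "$work/usb.before"
    dd if=/dev/urandom of="$work/mykeyfile" bs=512 count=4 2>/dev/null  # step 4
    key_write "$work/mykeyfile" "$work/usb.img"
    key_readback "$work/usb.img" "$work/readback"
    cmp -s "$work/mykeyfile" "$work/readback" || return 1
    cmp -s -n 512 "$work/usb.before" "$work/usb.img" || return 1
    cryptkey_arg /dev/my_usb
}
```

Running `demo` prints `cryptkey=/dev/my_usb:2048:2048`, the value used in the menu.lst line above; `fits_before_partition 63` and `fits_before_partition 2048` both succeed, so the key sits safely in the pre-partition gap for either common partition alignment.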
