Zemanta Related Posts Thumbnail

Full disk encryption and LVM configuration in Ubuntu’s graphical installer

Ubiquity, Ubuntu Desktop‘s graphical installation program, is very easy to use, very newbie friendly, but it lacks support for full disk encryption, LVM, the Linux Logical Volume Manager, and RAID. On a desktop system, I do not care very much about RAID, but full disk encryption and LVM are must-haves.

Well, it looks like from Ubuntu 12.10, due in late October, Ubiquity will have support for full disk encryption and LVM. The test build that I installed in a virtual machine shows that the implementation is still in the early stages, but it also shows how easy it will be to configure both features when the final release hits the digital shelves.

The following screen shots show the options in the installer and the default configuration. The test system already had the alpha version of Ubuntu 12.10 on it, so if you choose the first option, LVM and disk encryption are not available.
LVM and Encrypt

They are only available if you opt to erase the disk and install Ubuntu standalone.
LVM and Encryption

When LVM is selected, the system creates three partitions by default: A primary partition (sda1) mounted at /boot of about 228 MB in size; an extended partition initialized for use by LVM (this is the Physical Volume), with two logical volumes created under it. The logical volumes are for root and Swap. So unlike the default setup in Fedora, there is no separate logical volume for /home.
LVM  Partitions

If the LVM and disk encryption options are both selected, you will have to specify a security key or passphrase that will be used to encrypt and decrypt the disk. Currently, the installer does not check the strength of the security key, even allowing you to set a 1-character security key. That is obviously not good, but I expect that to be rectified before the final version is released.
Disks Encryption Passphrase

With disk encryption configured, you get this screen on each reboot.
Encryption Passphrase

And this just shows the disk layout as seen from the disk management utility. Selecting LVM and disk encryption creates an encrypted LVM volume, because the Physical Volume is encrypted. Note that LVM and disk encryption have not been implemented in the Advanced Partitioning Tool. But that, too, should be in place by late October.
Encrypted LVM

Please share:

10 Responses

Leave a Reply to Jeremy Cancel reply

Your email address will not be published. Required fields are marked *