Partner links

Linux and BSD desktop distributions with support for disk encryption

Disk Encryption CentOS 6

Disk encryption is not something most personal computer users think of when they consider ways to boost the security profile of their computer. A firewall? Yes, that in the minds of most is what computer security is all about. However, a firewall is a network security tool, and it is useless if your computer is lost or stolen. That is when disk encryption comes into play. And if you truly care about guarding access to your data, encrypting the hard drive holding it is just as important as a firewall.

So, how does encrypting a hard drive, protect your data?

Well, if a hard drive (or the most important part of it) is encrypted, the computer will not boot completely until the passphrase or encryption key used to encrypt the hard drive is specified correctly. Even if the hard drive is removed from the original computer, the system will not boot if the encryption key is not specified. That is how it protects your computer (and data) from unauthorized physical access.

The first two images show what happens when a computer with an encrypted disk boots up. This one is from Mandriva, one of seven distributions listed in this article.
Startup screen

And this one is from Sabayon, also one of the seven. Whether the interface presented is graphical or full of a bunch of text, the effect is the same. Without specifying the encryption key, you cannot login. And if your lose the computer, or someone steals it, or if an agent of your government seizes it, they will need the passphrase from you to log in.
Sabayon 6 Passphrase Prompt

The focus of this article is on distributions with graphical installation programs. When installing such distributions, the installer only allows you to specify one passphrase or encryption key. However, you may configure seven more (for a total of eight) after installation. How to manage disk encryption passphrases and key slots, explains how.

Without further ado, here are, in alphabetical order, the distributions with support for disk encryption.

  1. CentOS: – CentOS, Community ENTprise Operating System, is a multi-purpose distribution based on Red Hat Enterprise Linux. It uses the Anaconda installer, also used on Fedora and Sabayon. It uses LVM, the Linux Logical Volume Manager, as the default disk partitioning scheme and to install it on an encrypted disk, all that is required is to select the “Encrypt system” option at the disk partitioning methods step.
    Disk Encryption CentOS 6
  2. Debian: – Debian is a grand daddy of Linux distributions. It has an automated partitioning mode that encrypts a disk when setting up LVM. And, of course, you can also encrypt the disk without LVM.
    Debian Disk Encrypt

  3. Fedora: – LVM is the default disk partitioning scheme on Fedora, and like Debian, Fedora makes it very easy to encrypt a disk. Just select the “Encrypt system” option at the disk partitioning methods step and the installer will encrypt the Physical Volume.
    Partition options

    Even with the Physical Volume encrypted, you may also encrypt the logical volumes. And like Debian, if you choose to not use LVM, you can still encrypt the target disk.

    The following articles show how to configure disk encryption on Fedora:

  4. Mageia: – Mageia is a fork of Mandriva, and uses the same installation program. Unlike Debian and Fedora, it does not have an automated encrypted LVM option, but you can still configure encrypted LVM manually.
    Mageia LVM setup 5

    And without LVM, you can still encrypt the disk or disk partitions.
    Mageia Btrfs 8

    These articles show how to configure disk encryption on Mageia 1:

  5. Mandriva: – The installation program on Mandriva is the same one used on Mageia. LVM and non-LVM encryption schemes can be configured. How to configure encrypted LVM on Mandriva 2010 Spring gives a step-by-step guide on how to do it.
  6. PC-BSD: – The most popular BSD desktop distribution, based on FreeBSD. In the last stable release (PC-BSD 8.2), individual partitions or slices can be configured for encryption.

    In Snapshot releases of PC-BSD 9, which will be the next stable release, an option at the disk configuration step provides an automated encryption mode for the configured partitions. Unlike the Linux distributions in this article, PC-BSD’s installer can auto-generate the encryption key, besides the option to specify one manually. If you are new to PC-BSD, how to install PC-BSD on an encrypted ZFS file system is a good article to read.
    Disk Encryption on PC-BSD 9

  7. Sabayon: – Sabayon is a multi-purpose Linux distribution based on Gentoo, but uses a slightly modified version of Anaconda, the installation program on Fedora. The installation steps are the same as the original Anaconda, and you can use the same article written for Fedora to configure disk encryption on Sabayon. Disk encryption on Sabayon 5.3 shows how it is done on an older release. The latest stable release is Sabayon 6. Reviews of the GNOME and KDE editions have been published here and here.
  8. Ubuntu Alternate Installer: – Ubuntu supports disk encryption. However, it is not on the popular edition, that is, the edition with a graphical installer. To install Ubuntu on an encrypted disk, you will have to use the alternate installer edition, which uses an ncruses installation program, a slightly modified version of the Debian ncurses Installer.
    Ubuntu Disk Encrypt

    The following articles showing how to configure disk encryption on Ubuntu:



Partner links

Newsletter: Subscribe for updates

Notify of
Inline Feedbacks
View all comments
12 years ago

openSUSE also supports encryption&LVM. It does much better job then Debian (I didn’t test the others).

12 years ago

PCLinuxOS has support for encrypted partitions in a full GUI.

12 years ago

Actually Ubuntu Alternate Installer is Debian default installer.

Get the latest

On social media

Security distros

Linux distros for hacking and pentesting

Crypto mining OS

Distros for mining bitcoin and other cryptocurrencies

Crypto hardware

MSI GeForce GTX 1070
Installing Nvidia GTX 1070 GPU drivers on Ubuntu

Disk guide

Beginner's guide to disks & disk partitions in Linux

Bash guide

Bash shell terminal
How to set the PATH variable in Bash
Hya, what do you think? Please comment.x