This tutorial shows how to install Ubuntu 14.04 on encrypted MBR partitions. It is only slightly different from Manual full disk encryption setup guide for Ubuntu 13.10 & Linux Mint 16. The only difference: A partition mounted at /home is not part of the mix. But there’s no real reason for not creating a separate partition for home. I just wanted to demonstrate that this is possible with Ubuntu 14.04’s installer after a comment to the contrary by a site visitor.
The objective here is to install Ubuntu 14.04 by creating a custom set of encrypted partitions. To prove that this works, I first created these partitions in a virtual environment (using VirtualBox), with 250 GB of storage, then repeated the procedure on real hardware with a 320 HDD. Keep in mind that this is a general guide for creating encrypted Ubuntu 14.04 partitions on a computer with MBR partitions (Legacy BIOS) and with Ubuntu 14.04 the only OS on the hard disk drive (HDD). You should, however, be able to use this same instructions to install Ubuntu 14.04 alongside any other OS on the same HDD.
To start, download an installation image of Ubuntu 14.04 from here. Transfer it to a USB stick or burn it to a DVD. Then boot the target computer from the installation media and start the installer. Click through the first few steps until you get to the disk partitioning options step shown in this screenshot. From there, select the Something else option, then click Continue.
That should bring you to the Advanced Partitioning Tool‘s window. From here, you can create any number of partitions that you want. For this tutorial, only boot, root and Swap partitions were created. The boot partition comes first, followed by the root and swap partitions. The root and swap partitions will be encrypted. To create the first partition, select the free space, then click the + button.
That should open the partition editor. Here, you should see the total number of free disk space available for use. The other options you have to modify or specify are the “Use as” and “Mount point” menus.
For the boot partition, a disk space of 250 MB should be enough. The mount point should be /boot. From the “Use as” menu, the default file system should be good. You may also select Ext2 or even Ext3 from the menu. Click OK after you’ve made the right selections.
The next partition will be used as the main (root) partition, but you won’t be able to specify the mount point here. You do, however, need to specify enough disk space to install and run the system. Then from the “Use as” menu, select physical volume for encryption. Then specify and confirm an encryption passphrase in the fields that appear. OK
The last partition will be used for Swap. The practice now is to allocate 2 GB (2000 MB) on a 32-bit system and 4 GB (4000 MB) on a 64-bit system. From the “Use as” menu, select physical volume for encryption. Then specify and confirm an encryption passphrase in the fields that appear. The encryption passphrase can be the same as the one you used for the previous partition, or you could specify a different one. OK.
Back to the main partitioning window, you should see all the partitions you just created. Here is where we need to specify the mount points for the encrypted partitions. To do that, double-click on any one.
For the partition that you intend to use as the root partition, select / from the “Mount point” menu. OK.
For the other partition, select swap area from the “Mount point” menu. OK.
That should do it. You may now click on the Install Now button to continue with the rest of the installation.
After installation and reboot, you will be prompted to enter the encryption passphrase you specified during installation. And you will have to enter the encryption passphrases for each partition you created.