How to install Ubuntu 14.04 on encrypted MBR partitions

Ubuntu 14.04 encryption passphrase

This tutorial shows how to install Ubuntu 14.04 on encrypted MBR partitions. It is only slightly different from Manual full disk encryption setup guide for Ubuntu 13.10 & Linux Mint 16. The only difference: A partition mounted at /home is not part of the mix. But there’s no real reason for not creating a separate partition for home. I just wanted to demonstrate that this is possible with Ubuntu 14.04’s installer after a comment to the contrary by a site visitor.

The objective here is to install Ubuntu 14.04 by creating a custom set of encrypted partitions. To prove that this works, I first created these partitions in a virtual environment (using VirtualBox), with 250 GB of storage, then repeated the procedure on real hardware with a 320 HDD. Keep in mind that this is a general guide for creating encrypted Ubuntu 14.04 partitions on a computer with MBR partitions (Legacy BIOS) and with Ubuntu 14.04 the only OS on the hard disk drive (HDD). You should, however, be able to use this same instructions to install Ubuntu 14.04 alongside any other OS on the same HDD.

To start, download an installation image of Ubuntu 14.04 from here. Transfer it to a USB stick or burn it to a DVD. Then boot the target computer from the installation media and start the installer. Click through the first few steps until you get to the disk partitioning options step shown in this screenshot. From there, select the Something else option, then click Continue.
Ubuntu 14.04 partition methods

Related Post:  Nuvola Player: Enjoy all your Cloud music services from one interface

That should bring you to the Advanced Partitioning Tool‘s window. From here, you can create any number of partitions that you want. For this tutorial, only boot, root and Swap partitions were created. The boot partition comes first, followed by the root and swap partitions. The root and swap partitions will be encrypted. To create the first partition, select the free space, then click the + button.
Ubuntu 14.04 advanced partition tool

That should open the partition editor. Here, you should see the total number of free disk space available for use. The other options you have to modify or specify are the “Use as” and “Mount point” menus.
Ubuntu 14.04 partition editor

For the boot partition, a disk space of 250 MB should be enough. The mount point should be /boot. From the “Use as” menu, the default file system should be good. You may also select Ext2 or even Ext3 from the menu. Click OK after you’ve made the right selections.
Ubuntu 14.04 boot partition

The next partition will be used as the main (root) partition, but you won’t be able to specify the mount point here. You do, however, need to specify enough disk space to install and run the system. Then from the “Use as” menu, select physical volume for encryption. Then specify and confirm an encryption passphrase in the fields that appear. OK
Ubuntu 14.04 encrypted root partition

Related Post:  WireGuard: Great piece of software or not so much?

The last partition will be used for Swap. The practice now is to allocate 2 GB (2000 MB) on a 32-bit system and 4 GB (4000 MB) on a 64-bit system. From the “Use as” menu, select physical volume for encryption. Then specify and confirm an encryption passphrase in the fields that appear. The encryption passphrase can be the same as the one you used for the previous partition, or you could specify a different one. OK.
Ubuntu 14.04 encrypted swap partition

Back to the main partitioning window, you should see all the partitions you just created. Here is where we need to specify the mount points for the encrypted partitions. To do that, double-click on any one.
Ubuntu 14.04 encrypted partition

For the partition that you intend to use as the root partition, select / from the “Mount point” menu. OK.
Ubuntu 14.04 root partition

For the other partition, select swap area from the “Mount point” menu. OK.
Ubuntu 14.04 swap partition

That should do it. You may now click on the Install Now button to continue with the rest of the installation.
Ubuntu 14.04 partitions

After installation and reboot, you will be prompted to enter the encryption passphrase you specified during installation. And you will have to enter the encryption passphrases for each partition you created.
Ubuntu 14.04 encryption passphrase

Share:

Share on facebook
Facebook
Share on twitter
Twitter
Share on pinterest
Pinterest
Share on linkedin
LinkedIn

Hola! Did you notice that LinuxBSDos.com no longer run network ads?  Yep, no more ads from the usual suspects that track and annoy you across the Internet. But since I still need to pay to keep the site running, feel free to make a small donation by PayPal or your favorite cryptocurrency.

  • Bitcoin
  • Ethereum
  • Xrp
  • Bitcoin cash
  • Bitcoin sv
  • Litecoin
  • Binance coin
  • Cardano
  • Ethereum classic
Scan to Donate Bitcoin to bc1qzvlte2m224zkayhdc7fdfjkp2rsgt0l5a496ua

Donate Bitcoin to this address

Scan the QR code or copy the address below into your wallet to send some Bitcoin

Scan to Donate Ethereum to 0x0F4362DFF77F3Ba0Dc637F5f3Eba35D09a2fA60C

Donate Ethereum to this address

Scan the QR code or copy the address below into your wallet to send some Ethereum

Scan to Donate Xrp to r4ggjvL36njsMCYTkJ3S7cTHscPsMsSGQv

Donate Xrp to this address

Scan the QR code or copy the address below into your wallet to send some Xrp

Scan to Donate Bitcoin cash to qrs0dedzp9t55af3nfwypydghp29r0xguy9s20fz2k

Donate Bitcoin cash to this address

Scan the QR code or copy the address below into your wallet to send some Bitcoin cash

Scan to Donate Bitcoin sv to 15K9TLyVDBtLuG9cYvXCX9SSkq9C9oUKHK

Donate Bitcoin sv to this address

Scan the QR code or copy the address below into your wallet to send some Bitcoin sv

Scan to Donate Litecoin to LetJ9QQMb7u2LMZ9Tu6rtHwcBcQFW98fbG

Donate Litecoin to this address

Scan the QR code or copy the address below into your wallet to send some Litecoin

Scan to Donate Binance coin to bnb1ga8trq08ssqepd90v6225nzfgy448pu5pw8gxp

Donate Binance coin to this address

Scan the QR code or copy the address below into your wallet to send some Binance coin

Scan to Donate Cardano to addr1qx2354yw49etstfljpdhwja3ajjlt487lg95vu9ngy2q6vu4rf2ga2tjhqknlyzmwa9mrm997h20a7stgectxsg5p5esq5l7d9

Donate Cardano to this address

Scan the QR code or copy the address below into your wallet to send some Cardano

Scan to Donate Ethereum classic to 0xcD6CC972a2297FcafACDcfE042C55C69516a9264

Donate Ethereum classic to this address

Scan the QR code or copy the address below into your wallet to send some Ethereum classic

Subscribe for updates. Trust me, no spam!

Sponsored links

1. Attend Algorithm Conference, a top AI and ML event.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.

Upcoming events

8 Responses

  1. This was very easy and helpful – works great with dual boot setup, just resize Windows down first, then use these docs to setup the free space for Linux.

    A suggestion is not to create a separate swap partition but add a swap space within the encrypted file system. Google for swap file ubuntu and you will find some instructions from Digitalocean which will apply.

  2. Salut and thank you very much for your great tutorial on how to install an encrypted Ubuntu.
    You can even use this on your stick but don’t forget to set the right device to write your mbr! ;-D

  3. Doing luks container encryption through the install without the ability to use lvm inside the container during the install is going backwards. In Linux Mint there is a much better way to do it via a script and someone in the know should be able to easily adapt it to Ubuntu (and probably) even Debian. Originally the script was used for Linux Mint Debian Edition 2 (LMDE2) but has recently been adapted to include main line (Ubuntu derivative) Linux Mint 17.1 and 17.2. The script is the one offered by Pepas and it can be located in this Linux Mint forum thread:

    http://forums.linuxmint.com/viewtopic.php?f=241&t=194031&p=1069325#p1069325

    or directly from here:

    https://raw.githubusercontent.com/pepa65/lmdescrypt/master/lmdescrypt

    I recommend you read at least the 2nd page of the forum thread for some background and familiarization. Instructions for installing and selecting your settings are included in the script you download. Just open it as text, read and make your settings changes prior to running. Keep in mind that you can change the ‘/data’ lv in the settings to be a ‘/home’ lv if you wish.

  4. Mathetes ( above ) has the answer. Can anybody be serious about setting up a system requiring at start up a password for each encrypted partition when, by using the 12.04 alternate CD the same thing could be achieved ( by using LVM ) with one password. We have gone backwards in that respect.

    I am just moving from 12.04 to 14.04 and have now probably many hours of work ahead to reseach how to achieve on 14.04 what was much easier on 12.04

  5. Great procedure except this part:

    “For the boot partition, a disk space of 250 MB should be enough.”

    This is where ubuntu stores header images during kernel updates– and there are a lot of those in 14.04! You eventually run out of space. I would do a couple of GB for /boot.

  6. Ubuntu 14.04 does not allow using LVM after encryption, then making a lvg and lv’s for /, /home, swap and other partition. Instead you need to create one encrypted partion for /, one encrypted partition for /home (using passwords or keys) and one partition for swap. LVM gives more flexibility.

  7. What about Ubuntu Server. I have installed Ubuntu Server 14.04 minimal install and install VirtualBox on my computer to run Windows 7 virtual machine. I would like to have virtual guest snapshots, so I did it this way.

    How to do the same thing as in article for Ubuntu Server. I don’t want to establish LVM and RAID – this is my PC running Ubuntu Server, so don’t have a knowledge and hardware (like multiple disks) to establish LVM/RAID.

    Is there a way to do this on Ubuntu Server. I have tried creating boot partition (no problem), created root and swap partitions defining ‘physical volume for encryption’ (no problem), but now I am stuck, how to define mount point for root and swap partition?

Leave a Reply to finid Cancel reply

Your email address will not be published. Required fields are marked *

Get the latest

On social media
Via my newsletter

Partner links

1. Attend Algorithm Conference, a top AI and ML event for 2021.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.
Hacking, pentesting distributions

Linux Distributions for Hacking

Experts use these Linux distributions for hacking, digital forensics, and pentesting.

Categories
Archives

The authors of these books are confirmed to speak during

Algorithm Conference

T-minus AI

Author was the first chairperson of AI for the U.S. Air Force.

The case for killer robots

Author is the Director of the Center for Natural and Artificial Intelligence.

Why greatness cannot be planned

Author works on AI safety as a Senior Research Scientist at Uber AI Labs.