Encrypt disk in Ubuntu


I installed  a Ubuntu 12.04 desktop by using the 12.04.2 alternate CD. After generated a distribution iso, I found the disk encryption feature was not included in the custom install process. To make the new iso support disk encryption, I wrote a script. Here is how it works:

1) Boot from the live CD.

2) Run the script (the codes can be found at the bottom).

image

3) The script will set up the partitions and ask you to provide the encryption passphrase.

image

4) Choose the language.

image

5) Choose Continue.

image

6) Choose ‘Something else’.

image

7) Choose /dev/mapper/sda5_crypt as the mount point for / and /dev/sda1 as the mount point for /boot, then click ‘Install Now’.

image

8) Click ‘Continue’.

image

9) Choose location.

image

10) Choose Keyboard

image

11) Choose ‘Continue testing’.

image

12) The script will automatically configure the newly installed system and reboot.

13) The system will ask for the encryption passphrase after reboot.

image

image

image

#!/bin/bash

# Wipe existing partition
dd if=/dev/zero of=/dev/sda bs=512 count=1

# Set up partition
(echo n; echo p; echo; echo; echo +300M; echo n; echo p; echo; echo; echo +2G; echo n; echo e; echo; echo; echo; echo n; echo l; echo; echo; echo t; echo 2; echo 82; echo w) | sudo fdisk /dev/sda

sudo fdisk -l

# Encrypt disk
sudo cryptsetup -y -v luksFormat /dev/sda5
sudo cryptsetup luksOpen /dev/sda5 sda5_crypt

# Format disk
sudo mkfs.ext2 /dev/sda1
sudo mkswap /dev/sda2
sudo mkfs.ext4 /dev/mapper/sda5_crypt

# Install Ubuntu
ubiquity –desktop %k gtk_ui

# Configure the new system
sudo mount /dev/mapper/sda5_crypt /mnt
sudo chroot /mnt mount /proc
sudo mount –bind /dev /mnt/dev
sudo chroot /mnt mount /boot

echo “sda5_crypt UUID=`sudo blkid -s UUID -o value /dev/sda5` none luks” | sudo tee -a /mnt/etc/crypttab

sudo chroot /mnt update-initramfs -u
sudo umount /mnt/proc /mnt/dev /mnt/boot /mnt
echo rebooting…
sudo reboot

download_icon

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s