2012-11-28

Full-disk encryption on Linux Mint 14

UPDATE 2014-06-29: Unfortunately, when I updated the comment system to use Google+, it cleared out the old comments, which happened to be somewhat helpful.

I have just tried, and failed, to get full-disk encryption on Linux Mint 14 (see also this Ars Technica review). I'm writing this post in the hopes that someone can figure out how to get it to work.

As part of my university's ongoing efforts to improve data security, we have just been required to encrypt the drives on our work-issued laptops.

Ubuntu 12.10 Quantal Quetzal introduced the full-disk encryption option into their default installer. Previously, it was only available via the text-mode installer available on a separate "alternate" image. However, despite using Quantal for several months, I find the Unity GUI really annoying, and decided to try Linux Mint 14 with the Cinnamon desktop GUI. The Cinnamon GUI is a GNOME 3 fork, so it uses 3D compositing, but presents a GNOME 2-like interface (or Windows-like), which I prefer.

Unfortunately, Linux Mint 14 did not adopt Quantal's Ubiquity installer, so the full-disk encryption option was not available. Andreas Haerter has written a good guide to full-disk encryption on Ubuntu prior to 12.10, and included a shell script which automates a lot of the process. I made some small modifications to the script for Mint: renaming LVM volume names, using optimal alignment in parted. However, Ubiquity now crashes after I specify the mount points and it starts doing the install proper.

Maybe someone out there has an idea of what might be broken?

My modified script is here:


Posted by at
Labels: , , , ,

4 comments:

  1. unununiumNovember 28, 2012 at 12:55 PM

    I ran into a similar problem while trying to install Mint 14 on an encrypted drive. I found the same script and managed to get it working. However, I made a number of changes that fit with my requirements. These include the option of dumping LUKS restore files to the Live install environment, creating a recovery (additional) passphrase, removing the separate /home partition, and adding an option to try a kludgy fix for boot-time black screen problems related to the passphrase prompt. I also opted to make the /boot partition 256MB.

    If you'd like to try the script, it's at http://pastebin.com/z4rP8miW

    If not, you might try calling ubiquity with sudo. That caused some problems for me.

    ReplyDelete
    Replies
    1. AnonymousNovember 28, 2012 at 2:59 PM

      Thanks! I'll take a look and give yours a try.

      Delete
    2. AnonymousNovember 29, 2012 at 12:18 PM

      Ah, that's great! It worked. I'll have to examine your script to see what you did that's different from the base script. Thanks again!

      Delete
  2. Theo GregoireDecember 23, 2012 at 7:26 AM

    FDE Full Disk Encryption for Linux Mint 14 Nadia:

    http://www.conneco.co.uk/Full-Disk-Encryption-for-Linux-Mint-14-Nadia

    ReplyDelete

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)