How to Dual-boot Linux with Full-Disk Encryption (LUKS/LVM)
ฝัง
- เผยแพร่เมื่อ 29 พ.ค. 2024
- In this video, I show you how to install another operating system (such as Windows) alongside a Linux installation with full-disk encryption set up (with LUKS).
I demonstrate this with installing Windows alongside a Ubuntu installation installed on an LVM setup with encryption (LUKS).
Disclaimer: I would strongly recommend MAKING A BACKUP before doing this, just in case anything goes wrong during this process, as there is the potential for data loss!
Prerequisites:
1. A Linux install media (with a live desktop)
Commands used in this video:
Show disks and partitions: sudo fdisk -l
Unlock LUKS partition: sudo cryptsetup luksOpen [partition] [label] (example: sudo cryptsetup luksOpen /dev/sda3 sda3_crypt)
Show logical volumes: sudo lvs
Shrink a logical volume: sudo lvreduce -r -L -[desired size] [volume] (example: sudo lvreduce -r -L -64G ubuntu-vg/ubuntu-lv)
*Make sure you have this command EXACTLY RIGHT before hitting "enter", or you may lose data!
Show where logical volumes are, on the physical space: sudo pvs -v --segments
Move a logical volume: sudo pvmove --alloc anywhere [PE ranges] (example: sudo pvmove --alloc anywhere /dev/mapper/sda3_crypt:31273-32207)
Mount a partition: sudo mount [partition] [mount point] (example: sudo mount /dev/mapper/ubuntu--vg-ubuntu--lv /mnt)
Reinstall the GRUB bootloader: sudo grub-install --root-directory=/mnt [device] (example: sudo grub-install --root-directory=/mnt /dev/sda)
Edit GRUB configuration file: sudo nano /etc/default/grub
Update GRUB configuration: sudo update-grub
Join this channel to get access to perks:
th-cam.com/users/drewhowdentec... - วิทยาศาสตร์และเทคโนโลยี
Rock on Drew!!
Very interesting... Nice demo!
I was looking for an on-metal dual boot solution as I have Windows on a secondary SSD ecrypted with BitLocker. I intend on using FDE on the primary SSD to include the linux boot partition also, for snapshotting. I wonder if the prober will work in this scenario. So, two physical drives; first partitioned with EFI + LUKS2 (Boot/Root); second partitioned as default with Bitlocker.
Some observations also (if it helps);
- I do think `open` works just the same as the older alias `luksOpen`.
- For clearing the terminal screen; CTRL+L should do the same without clearing the buffer completely - sometimes you need to refer back.
I've never tried os-prober with multiple drives, so I don't know if it will detect operating systems on other drives.
@@DrewHowdenTech I see. It's worth researching. I haven't got around to it but I think that what the os prober does under the hood is scan all partitions for an efi/boot signature and then if found loads it in. Assuming this theory, it would work, like as if you run `lsblk`
thanks
i was just about to dual boot
but i wont be doing disk Encryption
would have bought membership but rn i cant realy affored it but would love to be a member
i am using windows and linux dual boot so i gett better perfromence in certian games what must put for allocated storage still never install ubuntu
Sorry what are you asking?
@@DrewHowdenTech how much storage should I make the partition for linux I have 237GIB of NVME strorage and 92GIB used by windows Is a 80gb partition fine for Linux as a secondary OS
That really depends on your needs. What do you plan to do with this Linux installation?
Based on what you said, it sounds like you have 145 GiB available for Linux.
@@DrewHowdenTech yes but I want space for windows as well what do you think will be a good
Amount of data for each OS
Also for linux is it the same amount of cpu usage as it normally would be when you use the try option
@@DrewHowdenTech also 145 is free on the disk rn
what does disk Encryption do and what are the benafits
Ahh, glad you asked! Encryption scrambles your data, requiring a secret "key" to unscramble, so that no one else can read it.
With this setup, when you boot into your Linux, before the OS can load, you will be prompted to enter your encryption passphrase (which you set on installation).
This is particularly useful on laptops, which can easily be stolen.
@@DrewHowdenTech ok I think im fine without it because I have a Kensington lock
@@DrewHowdenTech yep I think that also make your work and laptop more secure also it saves it on the tpm that's why windows 11 has tpm 2.0 req so I did know what it is more or less
Tho the problem with tpm 2.0 is if you laptop or pc breaks by the mother board that it was in it can make it hard to access your data I have this problem before so I had the pass word for the drive but it never work
Even with a Kensington lock, I'm sure someone with bolt cutters could cut it in a few seconds. And since most laptops are made out of cheap plastic, I imagine that if someone were to pull with enough force, it would probably break away.