LUKS Post-Install? [solved]

New to Debian (Or Linux in general)? Ask your questions here!

LUKS Post-Install? [solved]

Postby user2635 » 2017-09-29 18:57

Hi all, another noobie question for y'all.

I am dual booting windows and debian, I was wondering if it's possible to do LUKS post-install at this point or whether I literally have to wipe the drive in order to do so.

I am not an expert on partitioning, hope you guys can give your thoughts.

Thanks!
Last edited by user2635 on 2017-10-01 14:00, edited 1 time in total.
phil the linux newbie
debian 9 stable since aug 2017
please teach me linux :)
User avatar
user2635
 
Posts: 71
Joined: 2017-08-05 15:42
Location: Skag Gully, Borderlands

Re: LUKS Post-Install?

Postby p.H » 2017-09-29 20:17

You do not have to wipe anything. But creating a LUKS volume in a partition has the same effects as formatting a partition : it overwrites metadata and makes the existing data unreachable.
p.H
 
Posts: 177
Joined: 2017-09-17 07:12

Re: LUKS Post-Install?

Postby user2635 » 2017-10-01 14:00

Never mind, this was sufficient for me:
https://www.howtogeek.com/116032/how-to ... ng-ubuntu/

Thanks!
phil the linux newbie
debian 9 stable since aug 2017
please teach me linux :)
User avatar
user2635
 
Posts: 71
Joined: 2017-08-05 15:42
Location: Skag Gully, Borderlands

Re: LUKS Post-Install?

Postby lbuiyzxl » 2017-10-30 10:57

user2635 wrote:Never mind, this was sufficient for me:
https://www.howtogeek.com/116032/how-to ... ng-ubuntu/

Thanks!

If you are not need encrypt your home at every time then for convenient:
Keep your unencrypted home.
When you want use your encrypted home use cryptsetup open it and mount it to your current home directory,then pkill -9 $(whoami) to ensure all your program is write to encrypted home device.

If you want encrypt whole system due you worry your system program to been forgery,then at least you need ensure your bootloader or other similar unencrypted binary data or program that handle your decrypt password (such as kernel,initramfs file ,/boot directory, e.t.c.)is can't write or replaced by any ways for attacher.
Because those binary data is can't to encrypted for boot encrypted system;otherwise you can't decrypt your encrypted system and boot it.

BTW:
You can install multiple debian or many other GNU/Linux system to single physically partition by custom your initramfs(initrd.gz)
Also see:
https://www.kernel.org/doc/Documentatio ... tramfs.txt
https://www.kernel.org/doc/html/v4.12/a ... nitrd.html
https://wiki.debian.org/initramfs
https://www.google.com/search?newwindow ... 0zBp9w0YoA
I'm sorry for my bad English skills
I'm don't want to be a nuisance.
lbuiyzxl
 
Posts: 64
Joined: 2017-05-11 08:35


Return to Beginners Questions

Who is online

Users browsing this forum: No registered users and 6 guests

fashionable