sandbox
Differences between revisions 7 and 59 (spanning 52 versions)
|
Size: 3277
Comment:
|
Size: 1168
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 3: | Line 3: |
| #title Full Disk Encryption with Manual Control | #title Manual Full System Encryption (with Extras) |
| Line 5: | Line 5: |
| = Full disk manual encryption = | ||<tablestyle="float:right; font-size: 0.9em; width:40%; background:#F1F1ED; margin: 0 0 1em 1em;" style="padding:0.5em;"><<TableOfContents(2)>>|| |
| Line 7: | Line 7: |
| = *&* https://wiki.ubuntu.com/paddy-landau/sandbox = | |
| Line 9: | Line 8: |
| ||<tablestyle="float:right; font-size: 0.9em; width:40%; background:#F1F1ED; margin: 0 0 1em 1em;" style="padding:0.5em;"><<TableOfContents>>|| | = Sandbox = |
| Line 11: | Line 10: |
| == Purpose == | |
| Line 13: | Line 11: |
| This document is for you if you wish to use '''full-disk encryption''' with all of these features: | A sandbox for Paddy Landau to develop documentation. |
| Line 15: | Line 13: |
| * LUKS * encrypted Boot * manual partitioning * LVM * encrypted hibernation * hybrid suspend *&* * dual-booting (optional) * multi-disk installation (optional) |
|
| Line 24: | Line 14: |
| == Organisation == | = Other pages = |
| Line 26: | Line 16: |
| Because the default Ubuntu Installer does not support several of the above-mentioned features, the process is rather more complicated than one would like. Thus, this document is organised into several categories. Please read them in order to prevent being confused. | |
| Line 28: | Line 17: |
| 1. [[/Background|Background]]<<BR>>A summary of the options; features; pros and cons; and purpose and limitations. 1. [[/Basics|Basics of]] entering commands, partitioning, LUKS and LVM<<BR>>If you are new to Linux, or you don't know much about some or all of these, this section is for you. You can safely skip it if you already know about these three things. 1. [[/Overview|High-level overview]]<<BR>>What this process will achieve, and what you need to do to prepare. 1. [[/Process|Detailed process]]<<BR>>Exactly how to prepare your system and install Ubuntu with encryption. It takes into account dual-booting and, optionally, paranoid mode. 1. [[/Troubleshooting|Troubleshooting]]<<BR>>Sometimes something goes wrong and you struggle to figure out what. Messages and errors can seem bewildering, so here are some pointers. |
Other pages by Paddy |
| Line 34: | Line 19: |
| = Caveats = | * [[https://help.ubuntu.com/community/PlayOnLinux|PlayOnLinux]] This is somewhat outdated, but could still be useful for a beginner wanting to use Wine. |
| Line 36: | Line 22: |
| It is important for you to know the possible limitations (described in the [[/Background|Background]]) and the potential problems. | * [[https://help.ubuntu.com/community/EnableHibernateWithEncryptedSwap|Enable hibernation with encrypted swap]] For older systems that use encrypted folders but nothing else encrypted. |
| Line 38: | Line 25: |
| * When you install a system, there is always the chance of data loss. | * [[https://help.ubuntu.com/community/PostInstallationEncryption|Post-installation encryption]] For older systems that don't have any encryption, how to encrypt your folder. |
| Line 40: | Line 28: |
| * If the power fails during the installation, you can restart from the beginning or (depending on when the failure occurred) a checkpoint. * No matter how careful you are, sometimes a person makes a silly mistake. For example, you accidentally delete the Windows partition. Therefore, take a '''''full backup of all your data''''' before you start the process. If you know how to use [[http://clonezilla.org/|CloneZilla]], you would be well advised to back up your entire disk beforehand. * The process optionally enables hibernation. While this should work well, some people have reported hardware that doesn't support it. So, you will need to test this on your machine after installation. * A consequence of full-disk encryption is that you need to type in a password or passphrase each time you power on your computer. * If you share your computer with anyone else, that person needs to know the passphrase, even if they only use Windows. * If your passphrase isn't '''strong''', it will be easy for a hacker with physical access to your machine to break the encryption. You can look up "strong passphrase" for yourself; here's a [[https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/|pretty good method]] for paranoid mode. |
* [[https://help.ubuntu.com/community/ManualFullSystemEncryption|Manual full-system encryption]] For newer systems (starting with Ubuntu 16.04), how to install Ubuntu fully encrypted, while optionally being able to dual-boot with other systems, say Windows. |
Contents |
1. Sandbox
A sandbox for Paddy Landau to develop documentation.
2. Other pages
Other pages by Paddy
- This is somewhat outdated, but could still be useful for a beginner wanting to use Wine.
Enable hibernation with encrypted swap
- For older systems that use encrypted folders but nothing else encrypted.
- For older systems that don't have any encryption, how to encrypt your folder.
- For newer systems (starting with Ubuntu 16.04), how to install Ubuntu fully encrypted, while optionally being able to dual-boot with other systems, say Windows.
paddy-landau/sandbox (last edited 2017-04-04 18:58:46 by paddy-landau)