Installing UBUNTU Linux with full hard drive encryption

Install Ubuntu

The process to install Ubuntu should be straightforward until you reach the following screen:

Here is where you are asked whether you with to encrypt your home directory. If your main concern is protecting the confidentiality of your data at rest when your computer is turned off, encrypting the home directory is not necessary as we are going to be encrypting the entire hard drive. If you are a bit more paranoid and wish to also encrypt your home directory so that your data remains encrypted when your computer is powered on but you are logged out, then you may wish to also encrypt your home directory however enabling both forms of encryption (i.e. encrypted home directory on top of full disk encryption) will result in a performance hit.

Proceed with the installation until you reach this screen:

You have two alternatives to enabling full disk encryption: The easiest one is to let the installer configure the partitioning and encryption settings for you by selecting “Guided – use entire disk and set up encrypted LVM”. The second alternative is to select “Manual” and manually setup your partitions (root, swap, boot, etc.), select your file system types, and specify your encryption settings. The guided installation sets up LVM with ext4 as your root partition, using 256-bit AES encryption in cipher-block-chaining mode, whereas in the manual mode for your encryption settings you can select AES or serpent ciphers in 128, 192 or 256-bit keysizes. Those not comfortable or familiar with setting up partitions for Linux systems should select the Guided approach.

Continue on until you reach this screen:

Here is where you select your disk encryption password which you’ll need to specify every time your computer boots up. It is important to stress that the strength of your encryption is highly dependent on the complexity of your passphrase. A passphrase of 20 characters or more in length is recommended. DO NOT forget this passphrase!

Continue with the installation until it completes and your system boots into Ubuntu for the first time. Once it boots up, it shouldn’t be long until you get prompted to install many updates. Do so, reboot, and continue on.


One thought on “Installing UBUNTU Linux with full hard drive encryption

  1. Pingback: Creating Secure File Upload/Download sites using UBUNTU Server | Andrew's blog of things

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s