0

I have a 1000GB hard drive, I just want to install (k)Ubuntu with encryption on the first 100GB of the HD.

however, I only have the option of full disk encryption :

picture why ??

if I choose "custom" or "manual", I can only create partition, but not encrypted...

I looked into how to resize encrypted partition, and as always with linux, it's very long and not user-friendly (and for linux-competent people)

edit : I want the extra space to be used with veracrypt encryption (exFAT or FAT32) so I can use that extra partition on windows and linux.

edit²: I don't want to just encrypt /home, I don't know what kind of private information can be left on the system or elsewhere

Ash
  • 1
  • 1
    Why don't you want to encrypt the whole disk? It's more secure, as data may otherwise leak. – vidarlo May 30 '18 at 16:39
  • What are you trying to accomplish exactly? Please [edit] the question to clarify. Are you aware you can encrypt just your home directory? – wjandrea May 30 '18 at 16:45
  • edited. I don't want just the /home to be secure. I need the extra space for veracrypt (to be used on linux and windows) – Ash May 30 '18 at 16:50

2 Answers2

0

I am not aware of a way to do it during the installation process; but, if you are trying to install Ubuntu 18.04, you can encrypt the entire disk and AFTERWARDS use GParted to resize the encrypted partition to the 100 GB you need.

Bionic Beaver comes with GParted 0.30 which can resize LUKS partitions just fine. Support was added in GParted 0.28

https://news.softpedia.com/news/gparted-0-28-0-adds-partial-read-write-support-for-luks-encrypted-filesystems-512943.shtml

GParted has a very nice GUI to handle partitions, and is included in the live-CD. You can use Disks to check the status of your partition before resizing

  1. LUKS partition unlocked

LUKS partition unlocked

  1. Ext4 partition not mounted

Ext4 partition not mounted

  1. No key in front of the encrypted partition

No key in front of the Encrypted partition

  1. Encrypted partition resized

Encrypted partition resized

zasjls
  • 76
  • did not work : Gparted doesn't let me do anything with the volume, even with "cryptsetup luksOpen". and the partition as a "lock icon" on it. (no lock icon on the volume inside it) – Ash May 31 '18 at 07:58
  • Have you tried with the LUKS partition unlocked, and the underlying ext4 partition not mounted? Lets me resize luks partitions in those conditions. Check the partitions status with 'Disks' and then open GParted. See the images I added to the answer – zasjls May 31 '18 at 15:29
  • https://imgur.com/a/i0VCWw4 . it won't let me do anything. you cannot go below the original size of the encrypted partition. (but, with vmware you can increase the size of the hard drive, so then you can increase the encrypted partition/lvm and decrease it to its original size, but not smaller. (the pic show 10GB, but I also tested with new install with 20GB partition) – Ash Jun 01 '18 at 17:00
  • You might have to settle on encrypting just your home directory with ecryptfs. In that case the partition can be resized for sure with GParted. If you also encrypt the swap space leaks are not very likely to occur – zasjls Jun 01 '18 at 19:00
  • thx, I'll find another way with full disk encryption. really a shame to not have this option at the install. thx for your time. – Ash Jun 04 '18 at 01:24
0

If I understand right, you want to install Ubuntu unencrypted, and leave space for a VeraCrypt partition.

From what I've found, you need to install VeraCrypt from a third-party source before you can use it. (See Recommended way to use VeraCrypt in Ubuntu.) Therefore, you can't set it up during system installation (or maybe it's possible, but probably more difficult than setting it up after).

I'm not sure what's ultimately causing your confusion, but here are the other relevant details:

  • Ubuntu full-disk encryption uses LUKS, not VeraCrypt.
  • You can resize and create new partitions after system installation, using tools like GParted.
    • You could also use manual partitioning and leave an empty space for the VeraCrypt partition, but if you're not familiar with installing Linux, I would recommend one of the the automatic partitioning options.
wjandrea
  • 14,236
  • 4
  • 48
  • 98
  • On reading the question and other answer again, I think I've totally misunderstood. You actually want to install Ubuntu encrypted and leave space for a VeraCrypt partition. – wjandrea May 30 '18 at 21:01
  • you misunderstood, yes xD – Ash May 31 '18 at 06:39