1

I have a PC with two hard drives. Windows 10 is installed on C: (SSD) and I have an HDD (which is formatted in NTFS, I want to use that HDD for both OSs), Windows is installed in UEFI mode.
I want to buy another SSD and build that one in my PC and install Ubuntu 18.04 on it.

Furthermore I'd like the two SSDs to be fully encrypted (maybe with VeraCrypt). In my point of view I have to do the following steps:

  1. Build in the new SSD
  2. Install Ubuntu on the SSD
  3. After Installation encrypt Windows and Ubuntu Installation with VeraCrypt

Is that the right way? Is there something I have to keep in mind during installation?

Edit (27.07.2018)

I understand, that I have to encrypt Ubuntu during installation with LUKS. What I quite don't know is how to create the partitions. I'll have two partitions:

/dev/sdc1 - fat32 - /boot - 500 MB

/dev/sdc2 - ? - / - rest of ssd size

Do I have to choose ext4 root or do I have to choose physical volume for encryption?

OldTimeRambler
  • 21
  • It's customary to ask one question at a time here, so please click on https://askubuntu.com/posts/1054736/edit and edit this post down to remove the VeraCrypt issue. It should go in a second question, after you're read https://askubuntu.com/help/how-to-ask – K7AAY Jul 13 '18 at 15:40
  • Is it very very very much easier to use the native full disk encryption facilities of the respective operating systems, that is, BitLocker for Windows and LUKS for Linux. – AlexP Jul 13 '18 at 16:13
  • Ok, then I'll use them. Is it better to first encrypt Windows with BitLocker and then install Ubuntu or vice versa? – OldTimeRambler Jul 13 '18 at 16:21
  • It doesn't really matter. Make sure that you install Ubuntu in the same UEFI mode. Note that in UEFI mode you can have only one EFI System Partition (ESP); Windows must have already created it; just remember that it must be mounted on /boot/efi. (Even if you install Ubuntu on the 2nd SSD, the ESP remains on the first SSD. You cannot have two useable EFI System Partitions at the same time.) – AlexP Jul 13 '18 at 17:42
  • If an Ubuntu drive, best to have an ESP on that drive. Easiest way is probably just to disconnect all other drives. You can have more than one ESP, but only one per device or drive active at one time. Full drive encryption uses LVM which is an advanced volume type of partitioning. https://help.ubuntu.com/community/ManualFullSystemEncryption – oldfred Jul 13 '18 at 18:05
  • @oldfred When I disconnect all other drives, how can GRUB overwrite the windows boot manager? Whats the benefit of having the ESP on the Ubuntu drive? – OldTimeRambler Jul 13 '18 at 19:18
  • Only if you do not disconnect drive may Ubuntu overwrite Windows boot. Issue is with UEFI all systems use the ESP - efi system partiiton. But last installed system will reset boot order in UEFI to be first. Windows boot is not erased with UEFI. But with BIOS, Windows boot loader in MBR will be erased. And then you want Ubuntu in Ubuntu drive. If you disconnect a drive, you may have to add UEFI boot entries again, but most UEFI seem to find Windows in any ESP, where they do not find Ubuntu automatically. If you have ESP on Ubuntu drive, you can to boot it directly, when other drive fails. – oldfred Jul 13 '18 at 19:41

2 Answers2

1

Just like @oldfred suggested, it was the easiest method to just disconnect all other drives. Then select "Erase Disk and install Ubuntu" with

  • Encrypt the new Ubuntu Installation for security
  • Use LVM with the new Ubuntu Installation checked.

Ubuntu will be installed encrypted on the new SSD. Switching between the OS is possible through UEFI Boot Menu.

OldTimeRambler
  • 21
0

It is reasonable to install Ubuntu 18.04 on a newly installed SSD which will be the third hard drive in your system.

Let's assume the drives will be /dev/sda SSD, NTFS, C: Windows Boot & OS /dev/sdb HDD, NTFS, data /dev/sdc SSD (new), EXt4, Ubuntu Boot & OS

However, Windows does not share well with others. You should disable the "Faststart" option within Windows before rebooting to start the Ubuntu install.

During install, you will be asked by Ubiquity, the installer app of Ubuntu (and other *buntu distros), how you wish to use the drives for the installation. Please select Something Else when asked how you wish to install, and set the target drive for installing Ubuntu in as that third drive, /dev/sdc .

GRUB2 will replace the Windows Boot Manager during install, and will present you with a plaintext menu every time you boot henceforth with the choice of booting Linux or Windows. Ubuntu will be the first and default choice, and if you do not choose Windows, it will boot into Ubuntu after a few moments.

If during install, you select full disk encryption, LUKS is used by Ubiquity.

K7AAY
  • 17,202
  • Do I have to create a boot partition when I select something else? – OldTimeRambler Jul 20 '18 at 18:07
  • Yes, it is required – K7AAY Jul 20 '18 at 18:25
  • Ok, so I need 4 partitions (boot, root ~ 300MB, swap ~ ram size and home ~ rest of size)? How much space does the boot partition need? – OldTimeRambler Jul 20 '18 at 18:29
  • A) https://askubuntu.com/questions/827491/is-separate-efi-boot-partition-required explains your EFI Boot partition (FAT32) should be 1/3 to 1/2 GB. B) There is no requirement for a swap partition, as swap files have been as fast as a swap partition since 14.x . C) There is no requirement for a separate /home partition. So you only need the EFI Boot partition, and a root partition for everything else, as explained in https://askubuntu.com/questions/6490/is-a-boot-partition-necessary-anymore. – K7AAY Jul 20 '18 at 18:52
  • Thanks so far! The device for bootloader installation would be dev/sda (the first ssd), right? So my config ist the following: /dev/sdc1 - fat32 - /boot - 500 MB; /dev/sdc2 - ext4 - / - rest of ssd size – OldTimeRambler Jul 20 '18 at 19:13
  • (sorry for double post) or do I have to choose physical volume for encryption on root? – OldTimeRambler Jul 20 '18 at 19:25