0

I currently have 16.04 LTS running off a usb on an external hdd. using bios boot menu I boot from usb and use ubuntu from the hdd. I can take this between machines and boot into it. But now I need that same setup but encrypted as I may potentially have data on it needing some protection. It can only be 16.04 LTS.

I want Ubuntu 16.04 LTS on my hdd as the only OS on it, and have it encrypted with Luks so it takes one inputted password after I have booted to the usb hdd to use the OS. I don't hibernate but for virtual memory I believe it is important still to have a swap partition and for that to be encrypted too. So I believe I need LVM on Luks to organise this.

I keep finding guides for newer versions of Ubuntu or they want the unencrypted boot part (GRUB I think) on a different device "for security". I'm not very familiar with the tools so I'm not sure what to change from these tutorials to achieve what I want.

opentosolutions
  • 1

1 Answers1

1

If you want Full Disk Encryption start with a Full install to USB

  • Unplug your internal drives so that they do not get overwritten.

  • Boot Live Ubuntu installer USB.

  • Plug in Target USB drive.

  • Start Install Ubuntu.

  • When you get to "Installation type' select Erase disk and Install Ubuntu, Encrypt the new Ubuntu installation..., Use LVM with the new Ubuntu installation.

  • Complete the installation.

Another method if you want an encrypted drive that will work on both BIOS and UEFI computers: How to Make BIOS/UEFI Flash Drive with Full Disk Encryption

C.S.Cameron
  • 19,519