0

I would like to create a Ubuntu/Ubuntu (23.04) dual boot system (one personal and the other for work) where both distributions are encrypted. I would also like to have a shared partition for common data/apps.

I found many tutorial on how to achieve this with a windows/Ubuntu system, however I could not find any specific to Ubuntu/Ubuntu.

Any one help on this?

GZZ
  • 121
  • With the GUI you can create an Ubuntu installation that takes the entire drive. In order to create a dual boot, you would need to setup the partitions/volume groups etc manually. I was wondering if there is any documentation I can refer to, or general steps I need to follow – GZZ Apr 26 '23 at 08:45
  • OK I understand. I've actually written an answer that covers exactly that See: How do I install Ubuntu with full disk encryption without having to "erase everything"? Let me know if you have questions or encounter snags. The example uses Windows as the preexisting operating system but that doesn't matter. – Nmath Apr 26 '23 at 08:50
  • In short, you need to create a LUKS encrypted partition for / and an unencrypted /boot partition. You need to flag each of those as such. Then define where your system's EFI partition is located. – Nmath Apr 26 '23 at 08:58
  • Would it be possible to also have the boot partition encrypted? – GZZ Apr 26 '23 at 09:00
  • 1
    I'm not sure to be honest but I also can't see how it would be necessary unless you have a very unique threat model. It only contains the kernel, kernel modules, and boot instructions. No personal files or even cache/swap that you could sniff to infer other data on your system. Also, EFI can't be encrypted. – Nmath Apr 26 '23 at 09:08
  • 1
    As far as a shared data partition you can set up an additional LUKS partition during manual partitioning. Or you can do it before you install the system(s) or after -- using your disk partitioning tool of choice (like gnome disk utility) – Nmath Apr 26 '23 at 09:10
  • Seems like it would be much simpler to use (and maintain) a VM on a normal encrypted system than encrypted-dual-boot. A shared data partition between home/work systems is a red flag suggesting that the two aren't really completely separate. which also suggests a VM might be usful. The desire for encrypted /boot is puzzling, suggesting that you have requirements as yet undisclosed in the question. You will get the best advice if your question is complete. – user535733 Apr 26 '23 at 11:34

1 Answers1

0

I am not sure if a shared partition is even possible or not. Although you can create encrypted boots while installing your Linux Distro. In the 'Partition disks' window during installing your Ubuntu(or any other distro), you are given few options such as-

  • Guided- use the largest free space
  • Guided- use entire disk
  • Guided- use entire disk and set up LVM
  • Guided- use entire disk and set up encrypted LVM
  • Manual

Choose the option with 'encrypted LVM' and that should do the work for you.

Satyam Singh Virat
  • 1