top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

install or boot fedora with encrypted partition

0 votes
487 views

I tried to encrypt the disk (option in Fedora) and failed because /boot can not be in encrypted partition. I have only one HDD and it appears that the encrypted option is for the entire HDD. Is there any place in the new Anaconda where encryption can be done for selected partitions? Where? Do I have other options (beyond getting rid of encryption, which may be just too esoteric for me in the first place)?

posted Jul 14, 2013 by anonymous

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

+1 vote

1) The /boot partition must of course remain unencrypted, otherwise you can't boot your encrypted system at all.

2) It's in the partition section, you'll have to choose "no encryption" and in the "manual partitioning" section you can enable it for non-system partitions.

answer Jul 15, 2013 by anonymous
Are you sure about that?
Afaicr grub2 was supposed to be able to have /boot inside the encrypted area.
(there still remains some unencrypted disk-blocks though)
This is the first time I hear that, and I wonder what kind of messy hack that would have to be.

A separate /boot with kernels, initramfs, memtest86+, looks like a saner approach.
The encrypted part will happily contain everything else (the system, your data, the swap, including the hibernation data).
Similar Questions
+1 vote

I tried to upgrade a system to fc18 using fedup. The root is encrypted. I first updated fc17 to the latest packages and rebooted, then run fedup using a locally mounted ISO image and "--network 18" which ran to uneventful conclusion. On reboot the password was supplied and the system ran for about five hours (was reading a book and checking every chapter or so), and after the next reboot the system crashed during boot.

On a reboot the list of boot options appeared, but none continued, unable to find a filesystem, and not ever asking for a LUKS password. A boot from recovery drive showed no usable data on the internal drive, it was not marked as LUKS (as far as I can tell), not password was requested, no filesystem was found, an
attempt to mount the partition manually resulted in no password prompt and no filesystem identified.

With no working way to upgrade and about 17 more to do, if I have to back up and hand install a new OS, it sure won't be Fedora, the upgrade process only works about 50% of the time on unencrypted systems, and there seems no working path on encrypted. The old "update" worked so reliably, can't the developers admit fedup was a bad idea and and return to a sane update procedure?

+1 vote

I have a running Fedora 21 system. I would like to make a backup of it to a USB drive, a clone that can be booted. I know how to do all the "normal" stuff (partition, LVM, mkfs, rsync, and GRUB), but I'd like the USB drive to be encrypted, and I don't know how to set that up manually (I haven't messed with encrypted filesystems under Linux before).

The system I'm backing is also headless, so no GUI tools. Any Pointers, tips, suggestions?

0 votes

I know this is an easy one, but I can't seem to find the current correct way to do it. I've got a TB HDD that I need to change the LABEL on. Currently it's 'LIVE' (it's an old production drive) and I really want to just remove the label altogether and mount it with the UUID of the drive.

What's the best and most current way to do it? I was thinking e2label will do it, but it's been so long since I've done it, I'm playing it safe.

+2 votes

I downloaded the 32 bit ver of xface fedora spin . I burned it to DVD. After I try to boot it will not boot at all so I try to re download it try to burn it again it dose burn it all the way and pass. But when I try to boot off DVD it dose not boot . So I try a burn copy of the 64bit ver and it boot's just fine . Any ideas

...