I want to make sure that I've correctly configured my system to install Linux on a fully encrypted disk (minus /boot). I'm using LVM on LUKS - both of which I've got very little experience with. Here's what I did:
First, I created two partitions.
Code:
/dev/sda1 (100mb. I'll use this for /boot)
/dev/sda2 (Rest of disk. This is the LVM Container)
I then encrypted /dev/sda2:
Code:
cryptsetup -c aes-xts-plain -y -s 512 luksFormat /dev/sda2
I opened the LUKS partition:
Code:
cryptsetup luksOpen /dev/sda2 container
So, now I have:
Code:
/dev/mapper/container
I setup my logical volumes:
Code:
pvcreate /dev/mapper/container
vgcreate VolGroup00 /dev/mapper/container
lvcreate -L 20G VolGroup00 -n root
lvcreate -C y -L 10G VolGroup00 -n swap
lvcreate -l +100%FREE VolGroup00 -n home
created filesystems:
Code:
mkfs.ext4 /dev/VolGroup00/root
mkswap /dev/VolGroup00/swap
mkfs.ext4 /dev/VolGroup00/home
and mounted them:
Code:
swapon /dev/VolGroup00/swap
mount /dev/VolGroup00/root /
mount /dev/VolGroup00/home /home
Does this look correct? Did I miss anything?