Encrypt linux root partition like windows provides with bitlocker
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Encrypt linux root partition like windows provides with bitlocker
Windows provides bitlocker to encrypt its C drive, which asks for password upon boot. I want to know if any such options available with Linux. Ubuntu has full disk encryption option while installation, but what i want is only the root partition will be encrypted which will be helpful for dual booting. Also if the encryption can be applied after installation. Any specific distro provides this?? Or can I implement it with any distro??
Encrypting the root partition after installation may be possible (I don't know), but if it is then it certainly isn't easy. Several distros provide that on the installation stage, you just answer a few questions and it is done for you, so you should probably do it that way. I know Debian has it. Many others have it, but I wouldn't know which ones.
Note that full disk encryption can only apply if you choose full disk installation. If you're dual booting and install Linux on a separate partition, then only the Linux partition will be encrypted.
You sound very inexperienced so make sure you have backups of all your data before you go for it. It's very easy to lose data (even all of it) in formatting/installation operations.
Windows provides bitlocker to encrypt its C drive, which asks for password upon boot. I want to know if any such options available with Linux. Ubuntu has full disk encryption option while installation, but what i want is only the root partition will be encrypted which will be helpful for dual booting. Also if the encryption can be applied after installation. Any specific distro provides this?? Or can I implement it with any distro??
Why do you want to encrypt the root partition? This isn't really very useful. To use the distro, you'd need to decrypt it anyways which makes the data available and viable in a non-encrypted form. To encrypt the root folder is mostly useful if you want to avoid tampering with content on the root folder while you are booted into another distro. This is mostly just useful protection of the distro against "evil maids" on an unsecure other distro.
So, what exactly is the reason you want to encrypt the root partition? And if you want to do this, why would you not do it during the installation?
I'm not even sure what "only the root partition" is supposed to mean here, because most Linuxes are installed to only 1 partition anyhow, so "only the root partition" would entail the whole installation...
Encrypting the root partition after installation may be possible (I don't know), but if it is then it certainly isn't easy. Several distros provide that on the installation stage, you just answer a few questions and it is done for you, so you should probably do it that way. I know Debian has it. Many others have it, but I wouldn't know which ones.
Note that full disk encryption can only apply if you choose full disk installation. If you're dual booting and install Linux on a separate partition, then only the Linux partition will be encrypted.
You sound very inexperienced so make sure you have backups of all your data before you go for it. It's very easy to lose data (even all of it) in formatting/installation operations.
In ubuntu installer if i don't choose a clean installation the full disk encryption is grayed out, so i don't know about which distro you are talking. In my experience Fedora(or other distros based on it) only provides such option but I haven't tried it yet. And I don't think debian has it either as Ubuntu is basically based on it, but I could be wrong.
I'm not even sure what "only the root partition" is supposed to mean here, because most Linuxes are installed to only 1 partition anyhow, so "only the root partition" would entail the whole installation...
Maybe you meant the /boot partition?
Ok, well. First there are a few other things to consider when you install GNU/Linux on your computer. Not necessities but best practices:
1. always put /home on a separate partition, not the partition of root (/)
- consider a separate /boot partition
- consider a separate /tmp partition (ex. secure it with partition parameters (noexec,nodev etc) and encryption)
- consider a separate /usr partition (old school practices)
- consider a separate /var partition
- consider skipping SWAP partition on modern hardware (4gb+ RAM)
- consider using /opt and making it a separate partition (opt is good for things like firefox, skype, steam and other blobs/self contained software and binary style software packages), this partition can live beyond distro re-installations and be shared between distroes.
Having everything on the same partition doesn't make sense. Different parts of the filesystem will have different partition parameter needs, and some parts (not the whole) of the partition should ideally be encrypted (/home). If you WANT to encrypt the root partition, you'll probably want to go with a separate /boot partition and an appropriate initramfs to do that. Ideally when you install your distro, you will have these things planned out so that you can execute them correctly during the installation, not post-installation. Eventually you will work up some good routines that you will always use when you install a new distro, one of these MUST be to "manually partition your disks". Automation partitioning during distro installation is for newbies. I don't mean to hurt any feelings here, but it 100% is and should be avoided by everyone who knows anything about what they are doing, and if not, at least experiment with manual partitioning and learn it! For people with no idea and casual users, it is ok to use auto partitioning, no worries, just do it. Everyone else, don't!
In ubuntu installer if i don't choose a clean installation the full disk encryption is grayed out, so i don't know about which distro you are talking. In my experience Fedora(or other distros based on it) only provides such option but I haven't tried it yet. And I don't think debian has it either as Ubuntu is basically based on it, but I could be wrong.
Have a look into Mageia. It is a newbie friendly distro, but also friendly towards more experienced users (unlike ubuntu family). With this distro even a newbie can setup the partitioning correctly during the installation, and there aren't any unnecessary restrictions.
In ubuntu installer if i don't choose a clean installation the full disk encryption is grayed out, so i don't know about which distro you are talking. In my experience Fedora(or other distros based on it) only provides such option but I haven't tried it yet. And I don't think debian has it either as Ubuntu is basically based on it, but I could be wrong.
I know Debian has it because I have it. It was setup that way on installation. I don't know how to do it post installation. I know how to do it on other partitions, but not on root.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.