LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-27-2020, 12:07 AM   #1
bboyukoy
LQ Newbie
 
Registered: Jun 2020
Posts: 4

Rep: Reputation: Disabled
Question Need recommendation on encrypting a dual boot drive


Hi.

I want to encrypt NVMe/SSD drive. I'd like to know if I should perform full disk encryption instead of encrypting each OS separately. I want to have a dual boot laptop for Windows 10 and Linux OS (preferably Mint or Ubuntu). If I'm only using Windows 10, I'll just use Bitlocker (tried before) or VeraCrypt. The main OS will be Windows 10 home (will be used by other members of the family). It's a new laptop with AMD processor. I still want to access my files on Windows under "C:\Users" when I'm using Linux and I also want to access my Linux files when I'm using Windows. Sometimes there are files that I leave on "downloads" folder in both operating systems. I share the laptop with other people at home and they will have their own user account on Windows only.

I also want to create a logical partition or logical drive on Windows 10. It's for common files like that we can share.

Based on the Windows 10 Disk Management, the current disk has EFI system partition (disk 0, partition 1), Drive C (boot, Windows 10) and recovery partition (disk 0, partition 4). It was setup this way when I received the laptop. Type is "basic" disk. Partition style is GPT.

I'm planning to use an external drive to backup my data. I'm also planning to encrypt it.

I have tried dual booting Windows and Linux few times but without encryption. Need some guidance on encrypting both OS.

Suggestions please?
 
Old 06-27-2020, 10:05 AM   #2
z80
Member
 
Registered: Jul 2019
Location: Europe
Distribution: Slackware64-current
Posts: 140

Rep: Reputation: 103Reputation: 103
You need to encrypt the operating systems and not the full disk.
Linux needs an unencrypted boot partition and the filesystems and tools to encrypt/decrypt them are too different anyway.

Regarding an external disk: if you want to use it with Linux AND Windows you can encrypt it with Veracrypt and format it with NTFS. IN this case both Windows and Linux will be able to use it.

Last edited by z80; 06-27-2020 at 10:07 AM.
 
Old 06-27-2020, 12:39 PM   #3
bboyukoy
LQ Newbie
 
Registered: Jun 2020
Posts: 4

Original Poster
Rep: Reputation: Disabled
Can I still access Window's My Documents from Linux and vice versa?
Thanks.

Quote:
Originally Posted by z80 View Post
You need to encrypt the operating systems and not the full disk.
Linux needs an unencrypted boot partition and the filesystems and tools to encrypt/decrypt them are too different anyway.

Regarding an external disk: if you want to use it with Linux AND Windows you can encrypt it with Veracrypt and format it with NTFS. IN this case both Windows and Linux will be able to use it.
 
Old 06-27-2020, 01:32 PM   #4
z80
Member
 
Registered: Jul 2019
Location: Europe
Distribution: Slackware64-current
Posts: 140

Rep: Reputation: 103Reputation: 103
Yes, provided you encrypt the Windows 10 partition with a method / tool that Linux can decrypt.
I'm only aware of Veracrypt / Truecrypt but others might exist.

BTW: I did that in the past before completely getting rid of Windows (2 years ago).

Edited to add:
I'd rather use a dedicated partition for your documents, so you don't (accidently) mess with the Windows system folders from within Linux.

Last edited by z80; 06-27-2020 at 01:37 PM.
 
Old 06-27-2020, 11:18 PM   #5
bboyukoy
LQ Newbie
 
Registered: Jun 2020
Posts: 4

Original Poster
Rep: Reputation: Disabled
I haven't decided yet if I will create separate partitions for these but is there any partition that I should not encrypt?

bin/ dev/ home/ lib/ misc/ opt/ root/ tmp/ var/
boot/ etc/ initrd/ lost+found/ mnt/ proc/ sbin/ usr/

Quote:
Originally Posted by z80 View Post
Yes, provided you encrypt the Windows 10 partition with a method / tool that Linux can decrypt.
I'm only aware of Veracrypt / Truecrypt but others might exist.

BTW: I did that in the past before completely getting rid of Windows (2 years ago).

Edited to add:
I'd rather use a dedicated partition for your documents, so you don't (accidently) mess with the Windows system folders from within Linux.
 
Old 06-28-2020, 12:08 AM   #6
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 21,169

Rep: Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126
There is no (little at best) point in encrypting anything except /home - and as pointed out, it might only be a subset, say /home/bboyukoy/Documents.
Make sure it doesn't hold files you want to share with your other users, else they will need to know your (secret) passphrase.
 
Old 06-28-2020, 01:03 AM   #7
bboyukoy
LQ Newbie
 
Registered: Jun 2020
Posts: 4

Original Poster
Rep: Reputation: Disabled
Thanks.
Would you recommend encrypting Windows first before partitioning the disk and install Linux in another partition and encrypt it too?
 
Old 06-28-2020, 03:09 AM   #8
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 21,169

Rep: Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126Reputation: 4126
No. I'm a great believer in KISS.
Resize the Win partition(s) first, and leave the space unallocated for later Linux install. Then encrypt the Win partition(s) as needed then install Linux. I've never looked at veracrypt, so z80 will be able to advise you there - I believe it shouldn't matter where you encrypt the shared partition from, but I'm happy to be correcterd.
 
Old 06-30-2020, 01:40 PM   #9
z80
Member
 
Registered: Jul 2019
Location: Europe
Distribution: Slackware64-current
Posts: 140

Rep: Reputation: 103Reputation: 103
If you use Veracrypt I'd suggest to encrypt the Windows partition from within Windows.
Then install and encrypt Linux using LUKS (you can't access the Linux filesystem from Windows anyway) and finally install Veracrypt on Linux to mount the Windows partitions.

Edited to fix typos
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to go from single drive dual boot to two drive dual boot? argoldst Linux - Newbie 4 10-21-2015 02:28 PM
Encrypting the usb flash drive vijaush Linux - Kernel 9 12-16-2011 04:32 AM
Encrypting your hard drive baldurpet Linux - Newbie 18 04-01-2009 02:50 AM
encrypting hard drive Murdock1979 Linux - Security 2 08-18-2006 06:56 AM
encrypting the hard drive ? memo007 Linux - Security 4 06-06-2005 05:11 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:08 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration