Talk:Full Disk Encryption From Scratch Simplified

Swap partition
The article does not consider the creation of the swap partition. --Mimosinnet 06:59, 3 March 2018 (UTC)

I never used encryption for swap, so I can't add information how to do it. Maybe, someone from community can add such info. P.S. For laptop - suspend to RAM are pretty enough, for desktop - same. If I haven't enough RAM to do something (compilation of libreoffice) -> then temporary swap file on encrypted partition are enought. -- Feniksa 18:00, 4 March 2018 (UTC)

I have found that this article covers the encrypted swap and hibernation https://wiki.gentoo.org/wiki/Sakaki%27s_EFI_Install_Guide/Preparing_the_LUKS-LVM_Filesystem_and_Boot_USB_Key -- citizenkepler 17:24, 3 October 2018 (UTC)

cryptsetup command
The article suggests the command:

The key size in bits should follow the -s flag. Therefore, the previous command does not work. What about:

--Mimosinnet 08:45, 15 March 2018 (UTC)


 * Completed in a previous edit. --Grknight (talk) 02:15, 8 November 2018 (UTC)

grub needs device-mapper support
As far as I know grub needs to be compiled with the device-mapper USE flag in order to support lvm. This should be mentioned somewhere.

--weidenba 8:15, 2nd September 2018 (UTC)


 * Added, thanks. --Grknight (talk) 02:17, 8 November 2018 (UTC)

You've done a couple of mistakes in here.. You're instructing to make a /dev/ssX1 partition of 2M using parted, but it never gets used.. The first thing is making a filesystem for it, your guide does not include it, also, it says that I should use the command "mount /boot" while it is after following this guide already mounted, it does not direct into mounting /boot/efi/ partition /dev/sdX1 for the EFI parts of a GRUB installation. There's no alternative for if the system does not support EFI (such as in if I had an older computer lying around) while the software works for encrypting an LVM volume by using dmcrypt) and grub-install, and that you might want to run a grub-install directly into the MBR (after the necessary modifications to the grub.cfg file) to make grub boot a legacy system, which is: grub-install /dev/sdX Optional: As this is supposed to be an encrypted disk, not really exactly necessary, but optional, to wipe the disk using a: dd if=/dev/urandom of=/dev/sdX or at least: dd if=/dev/urandom of=/dev/sdX3 (the encrypted LVM partition) after the partition has been unlocked or before formatting it and making any Volume Groups on it.. Other than that, this guide is good for installing a minimal Gentoo system, just see the first part, it makes no sense to use parted for a separate EFI partition which never gets formatted using the appropriate file system and the referral says to mount /boot while it's already mounted, do I not want to install grub efi files into something as such as /boot/efi (after /dev/sdX1 is mounted, you skipped this step), instead? Yes I do. And if I can't.. If I'm on a legacy system, I can still run: grub-install /dev/sdX to install grub into the MBR, or the system won't boot.. H4cr (talk) 00:14, 7 August 2021 (UTC)H4cr