I know you wanted this, the Ubuntu team also knew and they've implemented it in the new version of Ubuntu, Gutsy Gibbon. Unfortunately, it's only available in the text mode installer, but that's why this guide is here, to help you install a fully encrypted Ubuntu OS on your computer. This process is completely safe and it is recommended to be used by anyone out there who wants to protect his/her sensitive data. To break it down to you: No more living in fear! Your data will NOT be stolen anymore!
What are the benefits of this encryption?
■ Everything on that disk (including the swap space) are fully encrypted. Encrypting temporary (swap) files is important, as they can reveal important confidential data. ■ With full disk encryption, the decision of which files to encrypt is not left up to users. ■ Support for pre-boot authentication. ■ Immediate data destruction! How? By simply destroying the cryptography keys. However, if security towards future attacks is a concern, file wiping or physical destruction is advised.
The only disadvantage of this encrypted installation is that it will take between 6 to 10 times longer than a normal (unencrypted) installation.
Things needed:
Let's begin, shall we? If you didn't already, get your copy of Ubuntu 7.10 Alternate CD right now from Softpedia, burn it on a blank CD with your favorite CD/DVD burning application, reboot your computer and boot from this newly created CD. The Ubuntu boot menu will appear, select the first option (Install in text mode) and hit enter:
Choose your native language and region:
On the following screen, choose 'Yes' if you want to let the installer auto-detect your keyboard layout, or choose 'No' to select a default layout from the next screen(s) (e.g. for a US English keyboard, select 'No', hit enter, then on the second screen select 'U.S. English' and hit enter and on the third screen select 'U.S. English' again and hit enter to continue):
It will then detect some of your hardware components (and it will automatically load the necessary kernel modules for them), load additional components and configure the network with DHCP. Enter a desired hostname when asked:
Disk partitioning will start. Select the third option: Guided - use entire disk and set up encrypted LVM:
Choose the hard disk where Ubuntu will be installed:
Note: Please provide an empty hard drive for this installation, because all the data will be erased after you confirm the changes.
Confirm the changes:
And immediately after, it will start to erase all the data on that hard drive:
WARNING: This process will take a long time, depending on the size of the hard drive (ex.: For a 80 GB SATA hard drive, it will take about 45 minutes).
When the erase process is over, it will ask you to enter a passphrase (a strong password, the longer the better):
Confirm the passphrase:
Now, the partitioning tool will format the hard drive and create the default partitioning scheme. Confirm the changes:
Configure the time zone and set the clock:
Create a user and set up a password for it:
The base system and all the software will be installed now:
It is possible to be interrupted to select a preferred screen resolution. If so, select the desired resolution and hit space to mark it:
And the installation is over. Hit 'Continue' to eject the CD and reboot the system:
When the system starts you will be asked to input the passphrase that you've setup during the system's installation (see above):
You will notice that if you've typed the password correctly, the system continues to boot:
That's it folks, your whole Ubuntu 7.10 is now fully encrypted, like you've always dreamed of!