Encrypted Ubuntu 8.04

znx for the article, it's great :) clear and simple... does it work when there is 1 partition with winxp and other empty on 1 songle disk and if I want to install ubuntu on than empty partition. tnx

Like the idea of this installation, but no Safe Graphics installation mode exists. After installation, I could not read anything.

I have compaq presario v3804 with amd turion 64 x2 tl-60. I can't continue the installation after i choose 'install ubuntu' option at the boot menu. I have tried to type 'irqpoll pci=noacpi noapic nolapic acpi=off' at the boot option, but it didn't work. Help me, please...

In order to install the command line option, on the boot option screen, press F4 and it will let you choose the command line option.

When clicking on the link above to download Ubuntu, be sure to choose one with 'Alternate' in the title.

I mistakenly downloaded one without 'Alternate' in the file name and it did not give me the option to encrypt. Only options was language and time zone.

What to do if I want software RAID (level 1) under the encryption?

Could You please post all information needed to evaluate the security offered by the encryption which You have added to Ubuntu. This means keysize, algorythm used, which encryption software is it based on, where are the passphrases stored...etc. Thanks

how do you make a /home partition like in debian before installing

Lovely tutorial, i am just wondering how actually strong the encryption is ? does anyone know ?

Is there any way that you can use different partitions instead of the entire disk,
and can you use Kubuntu 8.10 any help would be appreciated.

Encrypted systems can always break at a pace that depends upon encryption algorithm. Is there any way for the end user to decrypt his fs if he makes a mistake? How about the overall speed and system resources?

Hey, i also want to thank the author for this article, even if its not so new it is still very good for beginners.

I read some questions, not knowing how good the skills of all of you are i collected some intel, maybe not very useful, but hopefully it is:

The encryption of the ubuntu alternate cd should be pretty strong,
it uses LUKS (Linux Unified Key Setup), google for that to get some info,
Couldnt figure out though what strenght the key has,
but i guess it beats your sister, even if she's hacking your hd using gfx-cards ^^
If thats not enough security try OpenBSD, but then again...

Well, and yes, you can make partitions after installing/encrypting, but dont forget to do your backups of course!

If you want to encrypt your hd without installing ubuntu, you can do that by getting the packages and the fitting frontend, google for stuff,

There should be no way of getting back your system, once you forgot your passphrase.
The only place reachable is /boot afaik, so make double sure you dont lose it!

Speed is definetly no problem when you are using an average pc, i.e. 2x2ghz.
But dont expect your pc to work as a gamestation or renderfarm, it does slow down.
There should be some benchmarks about this, google again.

So i am using ubuntu for some time now, but i am am not really a hight-tech-geek user,
since i find it very hard to get some real answers to this encryption stuff, i also would really appreciate to get to know more about how stuff works with this alternate release, which - by the way - i am using, in encrypted mode! thanks ^^

I Don´t know what Ubuntu CD to donwload. I386, AMD64, powerPC?
Could you help?

For Alexandre Vieira: What processor do you have?

I think my processor is a Intel Pentiun 1.73GHz in a laptop ( DELL Latitude - D510 ). I friend told me to use the Alternate I386 Ubuntu CD. Is it this?

For Alexandre Vieira: This is the file...

http://releases.ubuntu.com/8.04.1/ubuntu-8.04.1-alternate-i386.iso

Thank´s Marius Nestor.
The install was sucessfull.

Now other question: In this tutorial the encrypted Ubuntu was installed on the entired HD. I would like to use with windows ( dual boot ). I tried but on the Manual Partiotioning I can´t use the encrypting function.
Someone knows how to do this?

Why the warning to provide a master drive and not a slave drive? Why does that matter?

Thank you Mit.

But I have only a hard drive. I don´t have a master hd and another slave hd to install. I using a laptop. Because of this I want to use the Manual Partiotining. But before the partiotining I can´t to use the encrypting install of the Ubuntu.

...easy set-up for those now wanting to properly encrypt their disk ...first of all the installer does not dd /dev/urandom to your disk...THAT IS BAD! an attacker will know exacly what to attack...also if installed over an uncrypted installation any idiot can recover your old files....also what algorithim does the defualt use? mode of operation? hashing? keysize? if any one of those is insecure your whole setup is!
i recommend aes256, serpent256, or twofish256 for the algorithm, SHA512, or Whirlpool for hashing (SHA256 should be ok for another year or so) and the XTS mode of operation with a 512 bit keysize
do not trust automated crypto installers! contact the ubuntu developers and ask how it is set up .... they bypassed dding the drive to urandom....god only knows what else
.at the very least before doing this do these 2 commands from liveCD
1)a sudo shred -zfv /dev/sda (or/dev/disktoshred) that will zero the drive...i sujjest using it if your drive had data on it before the install..espically if it was uncrypted....1b) for more paranoid and security concious users sudo shred -zfv -n 7 /dev/sda that meets the DOD and NSA standard for securely wiping data. The final pass of the shred will be zeros masking shredding.
2) sudo dd if=/dev/urandom of=/dev/sda -- writes random data to your hard disk... if you just want your wife not to see your porn, bypass step 1

Great guide - better than anything on the Ubuntu site.

Many thanks!

It seems to me that a potential disadvantage is disaster recovery is more difficult. Data loss is easier.