[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Libreboot] Full disk encryption on Lenovo X200

From: Duncan Guthrie
Subject: Re: [Libreboot] Full disk encryption on Lenovo X200
Date: Sun, 10 Jul 2016 14:17:07 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.1.0

Hash: SHA256

Hi T,
The Trisquel 7 install image has not been updated for about 1,5 years.
Were you trying an older version? It may be something on your end
otherwise. I would be interested to learn more

Thanks for your correspondence,

On 10/07/16 13:57, Tudor SUCIU wrote:
> Hello Duncan,
> What I wrote addresses the case when somebody with libreboot on his
> laptop wants a single encrypted partition (the "/"). I will not 
> test the grub stuff, with libreboot grub is directly in bios. I 
> already attached a working grub.cfg (to be put in bios). So, for 
> me, this guide: 
> Breaks 
> at "Further partitioning" because an install with encrypted /boot 
> is not allowed anymore. In order to obtain what I want - a full 
> disk encrypted - I obviously don't want to put a /boot partition
> on the main disk. If there is no unencrypted /boot the installer
> does not want to advance. It gives an error. So, you have my
> "hack" guide, that temporarily puts /boot on an external disk, just
> before putting it back onto "/".
> Hope it helps somebody in the future, I had to install trisquel 3 
> times before getting it right.
> On Sun, Jul 10, 2016 at 12:39 PM, Duncan Guthrie 
> <address@hidden <mailto:address@hidden>> wrote:
> Hi T, You can avoid the need for /boot entirely by adding 
> "GRUB_ENABLE_CRYPTDISK=y" to grub.cfg as discussed here: 
Read it carefully and see what you think. On that forum they discuss
> how to delete /boot, because GRUB can probe disks and unlock them,
>  although you need to put in LUKS password twice. It does work, I 
> can conform, on a computer without Libreboot installed. It may be 
> of use to you, as instructions are provided which show how to 
> install using the text installer (Debian was used but Trisquel has 
> the same process as they have the same text installer). Then 
> there's no need for putting /boot on external USB drive. Note, you 
> may need to unlock the drive on a live CD in order to add the 
> option to GRUB config file if the installer doesn't do it 
> automatically. If you really need /boot on an external drive one 
> suspects you just change the UUID in /etc/fstab to that of some 
> partition on the USB drive. Then copy all the files there, and 
> delete the partition that /boot is mounted at, usually /dev/sda1
> if you install on /dev/sda.
> Hope that helps, D.
> On 10 July 2016 11:06:04 BST, Tudor SUCIU <address@hidden 
> <mailto:address@hidden>> wrote:
>> Hello,
>> The guide on libreboot site is not working for me. I needed: - 
>> network connection on ethernet - use the text installer, LVM is 
>> not an option in the graphical install - use a usb key as
>> "/boot" - unencrypted - pretty complicated to boot the thing
>> (option 4 - search on external devices) - after first successful
>> boot from unencrypted /boot, as root: cp -r /boot /root/ umount
>> /boot cp -r /root/boot/* /boot vim /etc/fstab -> take out /boot
>> update-grub (did not work - would not boot with given conf)
>> manual boot instructions from the page work ok new grubtest.cfg
>> file in libreboot bios (attached)

Version: GnuPG v2


reply via email to

[Prev in Thread] Current Thread [Next in Thread]