full disk encryption with luks on manjaro xfce - Printable Version +- PINE64 (https://forum.pine64.org) +-- Forum: Pinebook Pro (https://forum.pine64.org/forumdisplay.php?fid=111) +--- Forum: Pinebook Pro Tutorials (https://forum.pine64.org/forumdisplay.php?fid=117) +--- Thread: full disk encryption with luks on manjaro xfce (/showthread.php?tid=9052) |
RE: full disk encryption with luks on manjaro xfce - e-minguez - 05-15-2020 (05-15-2020, 12:28 PM)Der Geist der Maschine Wrote:I guess I would need to be extra careful with updates... But in any case, you can always boot with an SD card and fix it (or plugging the SD card into another PC and fix it)(05-15-2020, 12:42 AM)e-minguez Wrote: Plug it into your pbp and profit! Enviado desde mi ONEPLUS A5010 mediante Tapatalk RE: full disk encryption with luks on manjaro xfce - e-minguez - 05-18-2020 (05-15-2020, 12:47 PM)e-minguez Wrote:(05-15-2020, 12:28 PM)Der Geist der Maschine Wrote:I guess I would need to be extra careful with updates... But in any case, you can always boot with an SD card and fix it (or plugging the SD card into another PC and fix it)(05-15-2020, 12:42 AM)e-minguez Wrote: Plug it into your pbp and profit! TBH it's been a while since I used arch seriously and I'm used to Fedora/CentOS/RHEL, where rpmnew/rpmsave is the way to do the updates so I searched about the same stuff for Arch and I've found this https://wiki.archlinux.org/index.php/Pacman/Pacnew_and_Pacsave which I guess if any updates to mkinitcpio or extlinux are performed, the changes won't be overwritten. RE: full disk encryption with luks on manjaro xfce - as400 - 05-18-2020 (05-15-2020, 12:28 PM)Der Geist der Maschine Wrote: I just wonder if you will continue profiting beyond kernel updates? What if a manjaro kernel update comes with a new version of extlinux.conf overwriting your custom one? Don't worry, it will be saved as extlinux.conf.pacnew. RE: full disk encryption with luks on manjaro xfce - Der Geist der Maschine - 05-18-2020 (05-18-2020, 05:37 AM)as400 Wrote:(05-15-2020, 12:28 PM)Der Geist der Maschine Wrote: I just wonder if you will continue profiting beyond kernel updates? What if a manjaro kernel update comes with a new version of extlinux.conf overwriting your custom one? So, you may miss a potentially important update to extlinux.conf if you don't notice that pacnew file and manually merge it into your custom extlinux.conf file? RE: full disk encryption with luks on manjaro xfce - as400 - 05-19-2020 (05-18-2020, 10:27 AM)Der Geist der Maschine Wrote: So, you may miss a potentially important update to extlinux.conf if you don't notice that pacnew file and manually merge it into your custom extlinux.conf file? Like what exactly ? The same way you also miss potential important update to uboot since its not automatically updated. RE: full disk encryption with luks on manjaro xfce - FutureBucket - 05-19-2020 (05-15-2020, 12:42 AM)e-minguez Wrote: The howto is very simple, you just need: Amazing, Thank you! sidenote - If you put a bad password in, the script will happily continue. (yes, I know, I was going to change it later) Enter passphrase for /dev/sda2: Password quality check failed: The password fails the dictionary check - it is based on a dictionary word Device /dev/sda2 is not a valid LUKS device. Device /dev/sda2 is not a valid LUKS device. mount: /var/tmp/manjaro-arm-installer/root: special device /dev/mapper/ROOT_MNJRO does not exist. RE: full disk encryption with luks on manjaro xfce - e-minguez - 05-19-2020 (05-19-2020, 02:31 PM)FutureBucket Wrote:Yes, the script is not super robust but I don't wanted to overengineer it without knowing if it is going to be merged or just rejected.(05-15-2020, 12:42 AM)e-minguez Wrote: The howto is very simple, you just need: Enviado desde mi ONEPLUS A5010 mediante Tapatalk full disk encryption with luks on manjaro xfce - e-minguez - 05-21-2020 It's been merged! https://gitlab.manjaro.org/manjaro-arm/applications/manjaro-arm-installer Any volunteers to give it a try (besides myself)? Enviado desde mi ONEPLUS A5010 mediante Tapatalk RE: full disk encryption with luks on manjaro xfce - FutureBucket - 05-23-2020 (05-21-2020, 12:57 AM)e-minguez Wrote: It's been merged! https://gitlab.manjaro.org/manjaro-arm/applications/manjaro-arm-installer k, I'll give it a go. Here's what I did. I used kvm/virsh to install a fresh manjaro-xfce-20.0.1, Added an SD card as the second disk (directly passed /dev/sdb though). started ssh and sshed into it. pacman -S git vim pacman -S dialog manjaro-arm-qemu-static git clone https://gitlab.manjaro.org/manjaro-arm/applications/manjaro-arm-installer.git vim ./manjaro-arm-installer/manjaro-arm-installer Line 491 was changed. my disk is /dev/vdb and the script didn't support it. Code: if [[ "$SDTYP" = "vd" ]]; then export CRYPT=y ; ./manjaro-arm-installer/manjaro-arm-installer pbpro, xfce, etc, etc, etc,. It prompts for luks password twice. Downloads aarch64 stuff. etc. I kind of watched it. it took about an hour or so and got the following errors (that I noticed) Quote:==> Starting build: 5.6.0-2-MANJARO-ARM powered off the VM, put the SD card into my PBP and.... it used the SD boot partition to load the eMMC root partition.Cool but not what I wanted. so I zeroed the first ~1G of my eMMC, rebooted and très bien!! it worked! You're the best! thanks! full disk encryption with luks on manjaro xfce - e-minguez - 05-24-2020 Those errors are harmless, it cannot find some modules but that's ok. Glad to hear it worked! Enviado desde mi ONEPLUS A5010 mediante Tapatalk |