Hello everyone! I apologize in advance if my question/problem seems simple to you… Please know that I have done my best to solve my problem alone and in a hurry with some sources of information because being very limited in time, I have to do this rather quickly but correctly/rightly. In spite of my numerous efforts, I have not been able to solve my problem alone; that’s why I count on your understanding and your generous help! Thank you very much!
My goal 1 (primary): encrypt with cryptsetup/luks the Manjaro Linux system partition with AES-256 bits, SHA-512, aes-xts-plain64 encryption (NB: aes-xts-plain64 because it seems to me that it is a good thing because Veracrypt seems to use this by default (possibly for a good reason) on my Microsoft Windows dualboot system encryption).
My goal 2 (secondary): encrypt the /boot/efi partion with grub but for now it’s secondary until I manage to finish goal 1 above.
How I proceeded with goal 1 (not exhaustive) :
-
boot into the Manjaro Linux Xfce installer on USB Key.
-
prepare the media disk that will receive the installation and encryption.
-
open the terminal in root mode and execute the following commands to encrypt the system partition:
cryptsetup -v --hash sha512 --cipher aes-xts-plain64 --key-size 512 --use-random --iter-time 10000 --verify-passphrase luksFormat /dev/sdb4
cryptsetup open /dev/sdb4 luks
pvcreate /dev/mapper/luks
vgcreate vg /dev/mapper/luks
lvcreate -L 32G vg -n root
lvcreate -l 100%FREE vg -n home
mkfs.ext4 /dev/vg/root
mkfs.ext4 /dev/vg/home
I also tried this way for testing purposes:
cryptsetup -v --hash sha512 --cipher aes-xts-plain64 --key-size 512 --use-random --iter-time 10000 --verify-passphrase luksFormat /dev/sdb4
cryptsetup open /dev/sdb4 luks
mkfs.ext4 /dev/mapper/luks
- then launch the Calamares installer to install the system on the partition that has just been encrypted and the /boot/efi partition
Results after making many tests:
1 (most common). the system installation seems to have succeeded but an error in installing Calamares to install the grub.
2 (produced only once). installation of grub and system succeeded but on first boot I get a failure when landing on grub rescue.
Please note that my skills are quite limited but I’m doing the best I can with the time offered…
Thank you in advance for your understanding and your help!