Can't install Manjaro Linux on a luks/cryptsetup encrypted partition

Hello everyone! I apologize in advance if my question/problem seems simple to you… Please know that I have done my best to solve my problem alone and in a hurry with some sources of information because being very limited in time, I have to do this rather quickly but correctly/rightly. In spite of my numerous efforts, I have not been able to solve my problem alone; that’s why I count on your understanding and your generous help! Thank you very much!

My goal 1 (primary): encrypt with cryptsetup/luks the Manjaro Linux system partition with AES-256 bits, SHA-512, aes-xts-plain64 encryption (NB: aes-xts-plain64 because it seems to me that it is a good thing because Veracrypt seems to use this by default (possibly for a good reason) on my Microsoft Windows dualboot system encryption).

My goal 2 (secondary): encrypt the /boot/efi partion with grub but for now it’s secondary until I manage to finish goal 1 above.

How I proceeded with goal 1 (not exhaustive) :

  1. boot into the Manjaro Linux Xfce installer on USB Key.

  2. prepare the media disk that will receive the installation and encryption.

  3. open the terminal in root mode and execute the following commands to encrypt the system partition:

cryptsetup -v --hash sha512 --cipher aes-xts-plain64 --key-size 512 --use-random --iter-time 10000 --verify-passphrase luksFormat /dev/sdb4

cryptsetup open /dev/sdb4 luks

pvcreate /dev/mapper/luks

vgcreate vg /dev/mapper/luks

lvcreate -L 32G vg -n root

lvcreate -l 100%FREE vg -n home

mkfs.ext4 /dev/vg/root

mkfs.ext4 /dev/vg/home

I also tried this way for testing purposes:

cryptsetup -v --hash sha512 --cipher aes-xts-plain64 --key-size 512 --use-random --iter-time 10000 --verify-passphrase luksFormat /dev/sdb4

cryptsetup open /dev/sdb4 luks

mkfs.ext4 /dev/mapper/luks

  1. then launch the Calamares installer to install the system on the partition that has just been encrypted and the /boot/efi partition

Results after making many tests:

1 (most common). the system installation seems to have succeeded but an error in installing Calamares to install the grub.

2 (produced only once). installation of grub and system succeeded but on first boot I get a failure when landing on grub rescue.

Please note that my skills are quite limited but I’m doing the best I can with the time offered…
Thank you in advance for your understanding and your help!


You do not have to prepare your partition to be already encrypted prior to running the calamares installer … See the image in this topic:

thank you for your help. However, I know that, only Calamares offers a simple checkbox without encryption option. So, if I remember correctly, Calamares only offers AES-128 bits via this checkbox. It is true, that it would be great if in the future Calamares would offer encryption options.