Revision as of 03:50, November 17, 2016

This howto describes how to setup a complete Funtoo Encrypted Install ( Root File System and SWAP ) using LUKS and LVM on LINODE VPS

Note

Use Funtoo Installation Guide for reference.

Important

This howto is a compilation of steps. If you find any discrepancy blame pfctl on #Funtoo @ Freenode.
Work smarter not Harder.

Setting Linode

From Linode Manager create a new Linode. Under the Disks section of the Linode Dashboard, click on "Create a new Disk:"

Label your new disk image and choose an appropriate size. Here we will create "two disks" the first for root partition and another for swap. Set appropriate size for each one.

Select the Create a New Configuration Profile option. Assign a label, and select your disk images under Block Device Assignment.

Click on Save Changes once your profile is complete.

Return to the Linode DashBoard, and select the Rescue tab. From there, click the Reboot Into Rescue Mode button. Your Linode will now boot into the Finnix recovery image. Use the Lish shell to access your Linode.

Run the following set of commands to create a root password and enable SSH server:

root # passwd ↵
root # service ssh start ↵

{{{title}}}

{{{body}}}

Prepare Hard Disk and Partitions

root # sgdisk --zap-all /dev/sda ↵
root # sgdisk --zap-all /dev/sdb ↵

Creating new GPT entries.
GPT data structures destroyed! You may now partition the disk using fdisk or
other utilities.

Now we will use fdisk to create the MBR partition table and partitions:

root # fdisk /dev/sda ↵

Within fdisk, follow these steps:

Empty the partition table:

Command (m for help): o ↵

Create Partition 1 (boot):

Command (m for help): n ↵
Partition type (default p): p ↵
Partition number (1-4, default 1): 1 ↵
First sector: ↵
Last sector: +100M ↵

Create Partition 2 (root):

Command (m for help): n ↵
Partition type (default p): p ↵
Partition number (2-4, default 2): 2 ↵
First sector: ↵
Last sector: ↵
Command (m for help):  w ↵
Command (m for help):  q ↵

Create Swap Partition

root # fdisk /dev/sdb ↵

Command (m for help): n ↵
Partition type (default p): p ↵
Partition number (1-4, default 1): 1 ↵
First sector: ↵
Last sector: ↵
Command (m for help):  w ↵
Command (m for help):  q ↵

Encrypting Partitions ( root /dev/sda2 and swap /dev/sdb1 )

root # cryptsetup --cipher aes-xts-plain64 --hash sha512 --key-size 256 luksFormat /dev/sda2 ↵
root # cryptsetup --cipher aes-xts-plain64 --hash sha512 --key-size 256 luksFormat /dev/sdb1 ↵

Initializing Encrypted Partitions

root # cryptsetup luksOpen /dev/sda2 cryptroot ↵
root # cryptsetup luksOpen /dev/sdb1 cryptswap ↵

Creating Logical Volumes

root # pvcreate /dev/mapper/cryptroot ↵
root # vgcreate data /dev/mapper/cryptroot ↵
root # lvcreate -l 100%FREE -nroot data ↵

root # pvcreate /dev/mapper/cryptswap ↵
root # vgcreate cswap /dev/mapper/cryptswap ↵
root # lvcreate -l 100%FREE -nswap cswap ↵

Creating FileSystems and Mounting them

root # mkfs.ext2 /dev/sda1 ↵
root # mkswap /dev/mapper/cswap-swap ↵
root # mkfs.ext4 /dev/mapper/data-root ↵
root # swapon /dev/mapper/cswap-swap ↵
root # mkdir /mnt/funtoo ↵
root # mount /dev/mapper/data-root /mnt/funtoo ↵
root # mkdir /mnt/funtoo/boot ↵
root # mount /dev/sda1 /mnt/funtoo/boot ↵

Installing the Stage 3 tarball and chrooting

root # cd /mnt/funtoo ↵
root # wget http://build.funtoo.org/funtoo-current/x86-64bit/generic_64/stage3-latest.tar.xz ↵
root # tar xpf stage3-latest.tar.xz ↵
root # cp /etc/resolv.conf etc/ ↵
root # mount -t proc none proc ↵
root # mount --rbind /dev dev ↵
root # mount --rbind /sys sys↵
root # chroot . bash -l ↵

Editing the fstab

root # nano /etc/fstab ↵

/etc/fstab

# <fs>                  <mountpoint>  <type>    <opts>                          <dump/pass>
/dev/sda1               /boot         ext2      noauto,noatime                  1 2
/dev/mapper/cswap-swap     none          swap      sw                              0 0
/dev/mapper/data-root     /             ext4      noatime,nodiratime,defaults     0 1

Get the Funtoo Portage three

root # emerge --sync ↵

/etc/localtime

/etc/localtime is used to specify the timezone that your machine is in, and defaults to UTC. If you would like your Funtoo Linux system to use local time, you should replace /etc/localtime with a symbolic link to the timezone that you wish to use.

root # ln -sf /usr/share/zoneinfo/America/Sao_Paulo ↵

/etc/portage/make.conf

MAKEOPTS="-j2"

Updating Entire System.

root # echo "sys-kernel/debian-sources -binary" >> /etc/portage/package.use ↵
root # emerge -uDavN @world

@@ Line 2: / Line 2: @@
 {{Note|Use [[Install|Funtoo Installation Guide]] for reference.}}
-<br />
 {{Important|This howto is a compilation of steps. If you find any discrepancy  blame <code>pfctl</code> on <code>#Funtoo</code> @ Freenode.
 <br /> Work smarter not Harder.}}
-<big>Setting  Linode</big>
+<big>'''Setting  Linode'''</big>
 * ''From [https://manager.linode.com/ Linode Manager] create a new Linode. Under the '''Disks''' section of the Linode Dashboard, click on '''"Create a new Disk:"'''''
-<br />
 [[File:Custom-distro-new-disk small.png|New_Disk]]
 <br />
 * ''Label your new disk image and choose an appropriate size.  Here we will create "two disks"  the first for root partition and another for swap. Set appropriate size for each one.''
-<br />
 [[File:Custom-distro-disk-image.png|Edit_Disk]]
 <br />
 * ''Select the '''Create a New Configuration Profile''' option. Assign a label, and select your disk images under '''Block Device Assignment'''.''
 [[File:Custom-distro-config-profile small.png|Config_Profile]]
 <br />
 Click on '''Save Changes''' once your profile is complete.
@@ Line 36: / Line 35: @@
 <br />
-<big>Prepare Hard Disk and Partitions</big>
+<big>'''Prepare Hard Disk and Partitions'''</big>
-<br />
 <console>
 # ##i##sgdisk --zap-all /dev/sda ↵
@@ Line 52: / Line 48: @@
 Now we will use <code>fdisk</code> to create the MBR partition table and partitions:
-<br />
 <console>
 # ##i##fdisk /dev/sda ↵
@@ Line 58: / Line 53: @@
 <br />
 Within <code>fdisk</code>, follow these steps:
+<br />
 '''Empty the partition table:'''
 <console>
 Command (m for help): ##i##o ↵
 </console>
+<br />
 '''Create Partition 1 (boot):'''
 <console>
 Command (m for help): ##i##n ↵
@@ Line 76: / Line 70: @@
 Last sector: ##i##+100M ↵
 </console>
+<br />
 '''Create Partition 2 (root):'''
 <console>
 Command (m for help): ##i##n ↵
@@ Line 88: / Line 82: @@
 Command (m for help): ##i## q ↵
 </console>
 <br />
 '''Create Swap Partition'''
 <console>
 # ##i##fdisk /dev/sdb ↵
@@ Line 105: / Line 96: @@
 Command (m for help): ##i## q ↵
 </console>
+<br />
 <big>'''Encrypting Partitions ( root /dev/sda2 and swap /dev/sdb1 )'''</big>
 <console>
 # ##i##cryptsetup --cipher aes-xts-plain64 --hash sha512 --key-size 256 luksFormat /dev/sda2 ↵
 # ##i##cryptsetup --cipher aes-xts-plain64 --hash sha512 --key-size 256 luksFormat /dev/sdb1 ↵
 </console>
 <br />
 <big>'''Initializing Encrypted Partitions'''</big>
-<br />
 <console>
 # ##i##cryptsetup luksOpen /dev/sda2 cryptroot ↵
 # ##i##cryptsetup luksOpen /dev/sdb1 cryptswap ↵
 </console>
 <br />
 <big>'''Creating Logical Volumes'''</big>
-<br />
 <console>
 # ##i##pvcreate /dev/mapper/cryptroot ↵
@@ Line 135: / Line 118: @@
 # ##i##lvcreate -l 100%FREE -nroot data ↵
 </console>
 <br />
@@ Line 143: / Line 125: @@
 # ##i##lvcreate -l 100%FREE -nswap cswap ↵
 </console>
+<br />
 <big>'''Creating FileSystems and Mounting them'''</big>
-<br />
 <console>
 # ##i##mkfs.ext2 /dev/sda1 ↵
@@ Line 153: / Line 133: @@
 # ##i##mkfs.ext4 /dev/mapper/data-root ↵
 # ##i##swapon /dev/mapper/cswap-swap ↵
-# ##i##mkdir /mnt/funtoo
+# ##i##mkdir /mnt/funtoo ↵
-# ##i##mount /dev/mapper/data-root /mnt/funtoo
+# ##i##mount /dev/mapper/data-root /mnt/funtoo ↵
-# ##i##mkdir /mnt/funtoo/boot
+# ##i##mkdir /mnt/funtoo/boot ↵
-# ##i##mount /dev/sda1 /mnt/funtoo/boot
+# ##i##mount /dev/sda1 /mnt/funtoo/boot ↵
+</console>
+<br />
+'''<big>Installing the Stage 3 tarball and chrooting</big>'''
+<console>
+# ##i##cd /mnt/funtoo ↵
+# ##i##wget http://build.funtoo.org/funtoo-current/x86-64bit/generic_64/stage3-latest.tar.xz ↵
+# ##i##tar xpf stage3-latest.tar.xz ↵
+# ##i##cp /etc/resolv.conf etc/ ↵
+# ##i##mount -t proc none proc ↵
+# ##i##mount --rbind /dev dev ↵
+# ##i##mount --rbind /sys sys↵
+# ##i##chroot . bash -l ↵
+</console>
+<br />
+= Editing the fstab =
+<console>
+# ##i##nano /etc/fstab ↵
+</console>
+{{file|name=/etc/fstab|desc= |body=
+# <fs>                  <mountpoint>  <type>    <opts>                          <dump/pass>
+/dev/sda1               /boot         ext2      noauto,noatime                  1 2
+/dev/mapper/cswap-swap     none          swap      sw                              0 0
+/dev/mapper/data-root     /             ext4      noatime,nodiratime,defaults     0 1
+}}
+<br />
+<big>'''Get the Funtoo Portage three'''</big>
+<console>
+# ##i##emerge --sync ↵
 </console>
+<br/>
+<big>/etc/localtime</big>
+<code>/etc/localtime</code> is used to specify the timezone that your machine is in, and defaults to UTC. If you would like your Funtoo Linux system to use local time, you should replace /etc/localtime with a symbolic link to the timezone that you wish to use.
+<br />
+<console>
+# ##i##ln -sf /usr/share/zoneinfo/America/Sao_Paulo ↵
+</console>
+<br />
+<big>'''/etc/portage/make.conf'''</big>
+<pre>
+MAKEOPTS="-j2"
+</pre>
+<br />
+<big>'''Updating Entire System'''</big>.
+<console>
+# ##i##echo "sys-kernel/debian-sources -binary" >> /etc/portage/package.use ↵
+# ##i##emerge -uDavN @world
+</console>
+<br />

Difference between revisions of "Encrypted funtoo on linode"

Revision as of 03:50, November 17, 2016

Editing the fstab

Navigation menu

Search