Installing Debian 9 / Kali 2.0 to an already LUKS encrypted LVM volume group

A quick guide for those of you struggling to install Debian Stretch, Kali 2.0 or other Linux systems that use the Debian installer, into a previously configured LVM volume group – i.e. into a LUKS encrypted partition.

Example: You have your disk already encrypted with other Linux system(s) present and now you want to install Debian / Kali 2.0 into this encrypted disk. You’d prefer one encrypted partition for your systems, rather than shrinking the size of one to create another.

I recently came across this problems and after searching online found limited information on how this was possible. Debian doesn’t have a Live version to unlock/decrypt a previously configured LVM volume group, Kali does have a Live version, but from 2.0 it is no longer possible to access the installer from the Live version, for whatever reason. So this needs to be done from the Debian installer using BusyBox.

Note: The installer does have the option to set up LVM, but unfortunately does not have a built-into-installer solution for decrypting and mounting a volume group. This has been tested on Debian Jessie 8, Stretch 9 and Kali 2.0.
Continue reading “Installing Debian 9 / Kali 2.0 to an already LUKS encrypted LVM volume group”

Advertisements

Triple booting the Asus T100TA: Windows, Lubuntu and encrypted Linux Mint

t100ta

As the title suggests, this post is about triple booting the Asus T100TA with Windows, Lubuntu and an encrypted Linux Mint.

This was made possible with thanks to John Well’s blog post on installing Ubuntu onto the T100TA, a custom encryption setup tutorial, a full disk encryption tutorial, as well as documentation from elsewhere such as Ubuntu and Debian help pages.

Here you will find instructions on how to successfully have three functioning operating systems, information on setting up custom encryption on the T100TA, as well as the usual issues.

This information is only relevant to you if you are looking to triple boot, encrypt your Linux system on the T100 series, searching for updates in regards to installing Linux, and/or differences when installing an Xcfe desktop such as Lubuntu. You are otherwise best referring to John Well’s post on how to install Ubuntu dual booting with Windows – if this is ultimately what you are looking to do.

In case you’re wondering why on Earth would you want to triple boot an Asus T100 additionally with an encrypted system? It’s a good question, with a few good answers:

  1. First and foremost, the T100TA-H1 comes with an additional 500g HDD keyboard dock (therefore located under the keyboard) – as well as the 32g SSD. See here for more details. Its hardware and specifications are otherwise that of the T100TA, but with some real hard drive space.
  2. Whilst there is still no onboard keyboard support for cryptsetup, therefore no simple way to unlock a LUKS encryption without a keyboard, a 500g disk located under the keyboard of this machine means that you would only be using this OS with a keyboard. Therefore encryption makes sense for the security of this ‘docked-only’ operating system.
  3. Having an un-encrypted Linux based system, in this case Lubuntu, installed on the 32g SSD is necessary to in order to use Linux on the transformer book when undocked. Not to mention a lightweight desktop is a good idea when partitioning an already small disk (32g).

Continue reading “Triple booting the Asus T100TA: Windows, Lubuntu and encrypted Linux Mint”

Easy & Secure Thunderbird: PGP encryption with Tor Birdy for Linux

pgp-smallThe following is a step by step guide for setting up Mozilla Thunderbird using PGP with the Engmail add-on over the Tor anonymity network via the TorBirdy add-on.

This is more of a compilation of instructions based on manuals for installing and setting up Thunderbird, followed by installing and setting up TorBirdy and Enigmail add-ons. Also includes additional configuration settings for best security and easiest access, as well as a few borrowed screenshot to help you through the process.

Requirements: Full disk or system encryption using Linux, otherwise the security of this procedure is not complete. An up to date version of Tor Browser, as well as a functional internet connection.

Tested on: Linux Mint 18.1 and Lubuntu 16.10/17.04.  This should otherwise work for all Debian-based systems, as well as those where Thunderbird is available. Instructions should work for Windows and OS X from steps 2-10, after Thunderbird installation.  Continue reading “Easy & Secure Thunderbird: PGP encryption with Tor Birdy for Linux”