I want to create an encrypted installation where root and /home are encrypted, but root will be on SSD and /home on a HDD.
Can I get this done by
-
Choosing "LVM" and "encryption" in the installer and installing Ubuntu MATE on my SSD. Then
-
a) Creating LUKS partition for /home with cryptsetup on HDD,
$ sudo cryptsetup luksFormat -c aes-xts-plain64 -s 512 -h sha512 /dev/sdb1
setupping the device mapper,
$ sudo cryptsetup luksOpen /dev/sdb1/ crypt_home
create the ext4 filesystem
$ sudo mkfs.ext4 /dev/mapper/crypt_home
- b) Same for swap
$ sudo cryptsetup luksFormat -c aes-xts-plain64 -s 512 -h sha512 /dev/sdb2
$ sudo cryptsetup luksOpen /dev/sdb2/ crypt_swap
$ sudo mkswap /dev/mapper/crypt_swap
- Inserting mapper/crypt_home and swap in /etc/fstab
/dev/mapper/crypt_home /home ext4 defaults 1 2
/dev/mapper/crypt_swap none swap sw 0 0
- inserting home and swap in /etc/crypttab
crypt_home /dev/sdb1 none luks
crypt_swap /dev/sdb2 none luks
Maybe creating keyfiles in /root/ too before the last step.
Am I missing something?