Hello EOS forums,
After getting confused during the installation. I did not encrypt the system and now I want to do that properly.
I am dual booting with windows 10 and this is my partitions layout :
---------------------------------------------------------------------------------------
sdb 8:16 0 238.5G 0 disk
├─sdb1 8:17 0 100M 0 part /boot/efi << EFI obviously
├─sdb2 8:18 0 16M 0 part <<
├─sdb3 8:19 0 117.7G 0 part << Windows C: Veracrypted
├─sdb4 8:20 0 508M 0 part << System reserved by windows
├─sdb5 8:21 0 48.8G 0 part / << EOS /root
├─sdb6 8:22 0 4G 0 part [SWAP] << Swap partition
└─sdb7 8:23 0 67.3G 0 part /home << EOS /home
-----------------------------------------------------------------------------------------
Did you just install EOS? Of course there is a manual way to encrypt the installed system and I’m sure someone can explain how to do it. But if you just installed then a reinstall with encryption would be the easiest way to achive your goal.
Another vote for a re-install. After all, if you choose an ONline install (and manual partitioning) it should be done with in less than 10 minutes (takes 3 on my setup for a plain install), and less brain strain too!
It is starting to seem that this is the best way to do it.
So during the re-installation how do I encrypt separate home and root with manual partitioning? so I don’t get confused again.
Before someone gives you a walk-through (or equivalent) it might be a good idea to describe what purposes you have in mind for the setup you showed? For instance, I personally would keep / and /home together, and have a separate data directory to keep that all on its own…nad mount it in /etc/fstab. When you link the subdirs (like Music and Pictures and Vide etc), it works just like 1 seamless drive, but with all the advantages of separate data partition when it comes to backups and so on…
Yeah, the purpose is important. For instance why only partial encryption?
Full disk encryption:
Pros: you have no risk of leaking some sensitive data in a non encrypted partition
Cons: if things go wrong, the full disk become unreadable and you will have to try to recover/reinstall from a removable bootable media: do not forget to build and securely store it
Encrypted partition(s):
Pros: if things go wrong, the unencrypted partitions will be easier to recover
Cons: if you only encrypt a data partition, sensitive data can end in temporary files or swap file in a non encrypted partition
I am not that expert in Linux but it is recommended to keep configs for programs and themes and fonts for easy reinstall or even installing another distro.
I already have a separate disk for data and backup and large files.
