That should be fine. There are lots of ways to do that, but the simplest is probably to just create two separate partitions and encrypt them both. That being said, make sure you have a good reason for choosing that setup instead of using subvolumes.
Timeshift using btrfs snapshots doesn’t support this. Timeshift is an extremely limited tool with regards to btrfs. You could use timeshift with rsync this way but if you are going to do that, why would you use btrfs in the first place?
btrfs gives you tons of cool functionality(subvolumes,snapshots,replication,etc) at the cost of performance and reliability. If you aren’t going to use that functionality, you are better off with a traditional filesystem like ext4 or xfs.
It is possible. I don’t think I was saying that it wasn’t
What I was trying to say is that there is a big difference between a single btrfs partition with subvolumes for root and home and having two different partitions. Before you commit to one setup or the other you should understand why you are making that decision.
The only thing that actually protects you from is your btrfs filesystem getting unrecoverably corrupt. Also, you can’t use btrfs snapshots that way so would have to use rsync.
Again, if you aren’t using btrfs snapshots and are using separate partitions, why are you using btrfs?
GRUB is early bootstage. On a device with an encrypted /boot there is no OS (no Linux kernel) available yet. Unfortunately Grub’s implementation is really slow on most machines, since (unlike the kernel) it can only do pure software decryption or AES-NI, not SSE-accelerated decryption. Thus your first grub unlock stage will probably take multiple times longer than your set iter-time; multiple in this context meaning it could take 10 or more times longer than the calculated default 2 seconds. So the encryption will probably add about 20sec to the boot time for most users.
This is because they all use an unencrypted boot partition. So, not really a “full disk encryption”.
Hi there,
is this awesome tutorial still working with the new installer or are there different steps to do since btrfs is now supported by the installer directly?
+1 on snapper. I have developed an aversion to Timeshift for its lack of flexibility - probably not entirely justified - and the limitations on rsync mode. snapper is harder to setup, but the results should make more sense!
Now - to find someone to guide me through a similar setup for ZFS.
I have installed EOS with btrfs and set up snapper on mine and a new tutorial by someone with more knowledge with btrfs set up would be great. I would still keep the old one because it has timeshift. On mine i used snap-pac and snapper-gui along with snapper. It’s all working but i have basic knowledge and understanding and just to restore a snap is work for me.
I would be happy to see a rewrite and will offer a test laptop to test a newly install. snapper would be good too, especially because there might be the possibility to have a separated /boot-partition which can be backuped with snapper too (see here). This may help out all those that are impatient about the long boot times because of grub being that slow on decrypting the encrypted /boot-partition. I know that an unencrypted /boot-partition has less security, but it might be something optional.
Another advantage of an unencrypted boot partition is that it makes using BTRFS with multiple disks (see here )easier.
I have my root partition spanning two disks, the 128GB disk the system came with and a 1TB disk I added. This allows me to not worry about running out of disk space.
I also done it this way because I wanted to see if it could be done…
(It would be better if I had two disks of the same size so I could go with a RAID 1 setup. I’ll put this idea on my holiday wishlist.)
I just performed the install using the “BTRFSonLUKS” guide ( verbose edition )
With the latest installer almost everything went perfectly and got me exactly what I want. There is one change to note that is different in the newer installer.
@2000 - Under step “#02 – OPTIONAL – Change default btrfs calamares settings for fstab”
The fstab is no longer located in /usr/share/calamares… It is now at:
/etc/calamares/modules/fstab.conf
A big thanks again for putting this guide together I’ve been using for a year and a half now without a single issue on a laptop that gets a lot of use. Found this change doing the install on a work computer that has been running ubuntu for years.
Hello, I have seen that the guide is almost brand-new updated (2021-12-19).
However when I did the copy&pasta version with the new atlantis-neo installer, I received some errors (which I neglected at that time) and those (I assume) lead to the issue that my drive was not encrypted in the end.
The drive was setup with BTRFS subvolumes but no encryption took place.
