wiki-system/Unbuntu-20.04-encrypt-ZFS-install.md

76 lines
3.2 KiB
Markdown
Raw Normal View History

2020-06-22 10:23:07 +02:00
source : [Linsomniac's Articles - Encrypting ZFS on Ubuntu 20.04](https://linsomniac.gitlab.io/post/2020-04-09-ubuntu-2004-encrypted-zfs/)
2020-06-22 10:03:52 +02:00
# Unbuntu 20.04 encrypt ZFS install
2020-06-22 10:15:50 +02:00
Here we are going to install Ubuntu 20.04 in **almost** full zfs updating **zsys-setup** to permit **zfs encryption**. Read bellow articles to understand why 2 differerent pools and full implementation.
2020-06-22 10:09:46 +02:00
2020-06-22 10:09:56 +02:00
* [ZFS focus on Ubuntu 20.04 LTS: whats new?](https://didrocks.fr/2020/05/21/zfs-focus-on-ubuntu-20.04-lts-whats-new/)
2020-06-22 10:09:46 +02:00
* [ZFS focus on Ubuntu 20.04 LTS: ZSys general presentation](https://didrocks.fr/2020/05/26/zfs-focus-on-ubuntu-20.04-lts-zsys-general-presentation/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys sate management](https://didrocks.fr/2020/05/28/zfs-focus-on-ubuntu-20.04-lts-zsys-general-principle-on-state-management/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys commands for state management](https://didrocks.fr/2020/06/02/zfs-focus-on-ubuntu-20.04-lts-zsys-commands-for-state-management/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys state collection](https://didrocks.fr/2020/06/04/zfs-focus-on-ubuntu-20.04-lts-zsys-state-collection/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys for system administrators](https://didrocks.fr/2020/06/09/zfs-focus-on-ubuntu-20.04-lts-zsys-for-system-administrators/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys partition layout](https://didrocks.fr/2020/06/11/zfs-focus-on-ubuntu-20.04-lts-zsys-partition-layout/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys dataset layout](https://didrocks.fr/2020/06/16/zfs-focus-on-ubuntu-20.04-lts-zsys-dataset-layout/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys properties on ZFS datasets](https://didrocks.fr/2020/06/19/zfs-focus-on-ubuntu-20.04-lts-zsys-properties-on-zfs-datasets/)
2020-06-22 10:03:52 +02:00
## initial boot and ssh
2020-06-22 09:47:36 +02:00
Boot the Ubuntu 20.04 Desktop installer/live CD.
Click the “Try Ubuntu” button.
launch a terminal.
2020-06-22 09:16:32 +02:00
set a passwd to root to permit remote ssh
~~~
2020-06-22 09:47:36 +02:00
$ sudo su
2020-06-22 10:03:52 +02:00
## passwd
2020-06-22 09:16:32 +02:00
New password :
Retype new passord :
passwd: password updated successfully
~~~
2020-06-22 09:47:36 +02:00
Install ssh to simplfy configuration edit.
~~~
2020-06-22 10:03:52 +02:00
## apt install ssh
2020-06-22 09:47:36 +02:00
~~~
2020-06-22 09:45:04 +02:00
Edit **/etc/ssh/sshd_config** to **Enable PermitRootLogin** change *prohibit-password* to *yes* like bellow.
2020-06-22 09:16:32 +02:00
~~~{.shell}
#PermitRootLogin prohibit-password
PermitRootLogin yes
~~~
~~~
service ssh restart
~~~
2020-06-22 09:47:36 +02:00
find yout IP with : *ip a*
2020-06-22 09:16:32 +02:00
then connect remotely with : *ssh*
2020-06-22 09:47:36 +02:00
2020-06-22 10:03:52 +02:00
## update zsys-setup to enable zfs encyption on rpool
2020-06-22 09:16:32 +02:00
bpool remain unencrypt.
Search for “zpool create”, and make sure you have found the create command that has “rpool” on the last line.
Before the “zpool create” insert: echo MYPASSWORD |
Before the last line of the command insert these lines:
~~~{.cpp}
2020-06-22 09:43:02 +02:00
-O recordsize=1M \
-O encryption=aes-256-gcm \
-O keylocation=prompt \
-O keyformat=passphrase \
2020-06-22 09:56:32 +02:00
~~~
2020-06-22 10:03:52 +02:00
## swap
2020-06-22 09:58:01 +02:00
2020-06-22 10:19:47 +02:00
you may be interrested if you are on a laptop in : [right fit swap for laptop hibernation Ubuntu 20.04 full ZFS install](right-fit-swap-for-laptop-hibernation-Ubuntu-20.04-full-ZFS-install)
2020-06-22 09:58:01 +02:00
2020-06-22 10:03:52 +02:00
## start installation
2020-06-22 09:58:01 +02:00
2020-06-22 14:15:03 +02:00
Run ubiquity to start the installer and install as normal, selecting “Use entire disk” and the option to use ZFS.
## questions to be solves
* what happen if zpool passwd is not given at boot shutdown ?