Michel Le Cocq 2020-06-26 08:54:52 +02:00
parent 2060fbe02c
commit 92a9c06abd

@ -1,77 +1,77 @@
source : [Linsomniac's Articles - Encrypting ZFS on Ubuntu 20.04](https://linsomniac.gitlab.io/post/2020-04-09-ubuntu-2004-encrypted-zfs/) source : [Linsomniac's Articles - Encrypting ZFS on Ubuntu 20.04](https://linsomniac.gitlab.io/post/2020-04-09-ubuntu-2004-encrypted-zfs/)
# encrypt - Unbuntu 20.04 full ZFS install # encrypt - Unbuntu 20.04 full ZFS install
Here we are going to install Ubuntu 20.04 in **almost** full zfs updating **zsys-setup** to permit **zfs encryption**. Read bellow articles to understand why 2 differerent pools and full implementation. Here we are going to install Ubuntu 20.04 in **almost** full zfs updating **zsys-setup** to permit **zfs encryption**. Read bellow articles to understand why 2 differerent pools and full implementation.
* [ZFS focus on Ubuntu 20.04 LTS: whats new?](https://didrocks.fr/2020/05/21/zfs-focus-on-ubuntu-20.04-lts-whats-new/) * [ZFS focus on Ubuntu 20.04 LTS: whats new?](https://didrocks.fr/2020/05/21/zfs-focus-on-ubuntu-20.04-lts-whats-new/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys general presentation](https://didrocks.fr/2020/05/26/zfs-focus-on-ubuntu-20.04-lts-zsys-general-presentation/) * [ZFS focus on Ubuntu 20.04 LTS: ZSys general presentation](https://didrocks.fr/2020/05/26/zfs-focus-on-ubuntu-20.04-lts-zsys-general-presentation/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys sate management](https://didrocks.fr/2020/05/28/zfs-focus-on-ubuntu-20.04-lts-zsys-general-principle-on-state-management/) * [ZFS focus on Ubuntu 20.04 LTS: ZSys sate management](https://didrocks.fr/2020/05/28/zfs-focus-on-ubuntu-20.04-lts-zsys-general-principle-on-state-management/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys commands for state management](https://didrocks.fr/2020/06/02/zfs-focus-on-ubuntu-20.04-lts-zsys-commands-for-state-management/) * [ZFS focus on Ubuntu 20.04 LTS: ZSys commands for state management](https://didrocks.fr/2020/06/02/zfs-focus-on-ubuntu-20.04-lts-zsys-commands-for-state-management/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys state collection](https://didrocks.fr/2020/06/04/zfs-focus-on-ubuntu-20.04-lts-zsys-state-collection/) * [ZFS focus on Ubuntu 20.04 LTS: ZSys state collection](https://didrocks.fr/2020/06/04/zfs-focus-on-ubuntu-20.04-lts-zsys-state-collection/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys for system administrators](https://didrocks.fr/2020/06/09/zfs-focus-on-ubuntu-20.04-lts-zsys-for-system-administrators/) * [ZFS focus on Ubuntu 20.04 LTS: ZSys for system administrators](https://didrocks.fr/2020/06/09/zfs-focus-on-ubuntu-20.04-lts-zsys-for-system-administrators/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys partition layout](https://didrocks.fr/2020/06/11/zfs-focus-on-ubuntu-20.04-lts-zsys-partition-layout/) * [ZFS focus on Ubuntu 20.04 LTS: ZSys partition layout](https://didrocks.fr/2020/06/11/zfs-focus-on-ubuntu-20.04-lts-zsys-partition-layout/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys dataset layout](https://didrocks.fr/2020/06/16/zfs-focus-on-ubuntu-20.04-lts-zsys-dataset-layout/) * [ZFS focus on Ubuntu 20.04 LTS: ZSys dataset layout](https://didrocks.fr/2020/06/16/zfs-focus-on-ubuntu-20.04-lts-zsys-dataset-layout/)
* [ZFS focus on Ubuntu 20.04 LTS: ZSys properties on ZFS datasets](https://didrocks.fr/2020/06/19/zfs-focus-on-ubuntu-20.04-lts-zsys-properties-on-zfs-datasets/) * [ZFS focus on Ubuntu 20.04 LTS: ZSys properties on ZFS datasets](https://didrocks.fr/2020/06/19/zfs-focus-on-ubuntu-20.04-lts-zsys-properties-on-zfs-datasets/)
## initial boot and ssh ## initial boot and ssh
Boot the Ubuntu 20.04 Desktop installer/live CD. Boot the Ubuntu 20.04 Desktop installer/live CD.
Click the “Try Ubuntu” button. Click the “Try Ubuntu” button.
launch a terminal. launch a terminal.
set a passwd to root to permit remote ssh set a passwd to root to permit remote ssh
~~~ ~~~
$ sudo su $ sudo su
## passwd ## passwd
New password : New password :
Retype new passord : Retype new passord :
passwd: password updated successfully passwd: password updated successfully
~~~ ~~~
Install ssh to simplfy configuration edit. Install ssh to simplfy configuration edit.
~~~ ~~~
## apt install ssh ## apt install ssh
~~~ ~~~
Edit **/etc/ssh/sshd_config** to **Enable PermitRootLogin** change *prohibit-password* to *yes* like bellow. Edit **/etc/ssh/sshd_config** to **Enable PermitRootLogin** change *prohibit-password* to *yes* like bellow.
~~~{.shell} ~~~{.shell}
#PermitRootLogin prohibit-password #PermitRootLogin prohibit-password
PermitRootLogin yes PermitRootLogin yes
~~~ ~~~
~~~ ~~~
service ssh restart service ssh restart
~~~ ~~~
find yout IP with : *ip a* find yout IP with : *ip a*
then connect remotely with : *ssh* then connect remotely with : *ssh*
## update zsys-setup to enable zfs encyption on rpool ## update zsys-setup to enable zfs encyption on rpool
bpool remain unencrypt. bpool remain unencrypt.
Search for “zpool create”, and make sure you have found the create command that has “rpool” on the last line. Search for “zpool create”, and make sure you have found the create command that has “rpool” on the last line.
Before the “zpool create” insert: echo MYPASSWORD | Before the “zpool create” insert: echo MYPASSWORD |
Before the last line of the command insert these lines: Before the last line of the command insert these lines:
~~~{.cpp} ~~~{.cpp}
-O recordsize=1M \ -O recordsize=1M \
-O encryption=aes-256-gcm \ -O encryption=aes-256-gcm \
-O keylocation=prompt \ -O keylocation=prompt \
-O keyformat=passphrase \ -O keyformat=passphrase \
~~~ ~~~
## swap ## swap
you may be interrested if you are on a laptop in : [right fit swap for laptop hibernation Ubuntu 20.04 full ZFS install](right-fit-swap-for-laptop-hibernation-Ubuntu-20.04-full-ZFS-install) you may be interrested if you are on a laptop in : [right fit swap for laptop hibernation Ubuntu 20.04 full ZFS install](right-fit-swap-for-laptop-hibernation-Ubuntu-20.04-full-ZFS-install)
## start installation ## start installation
Run ubiquity to start the installer and install as normal, selecting “Use entire disk” and the option to use ZFS. Run ubiquity to start the installer and install as normal, selecting “Use entire disk” and the option to use ZFS.
## questions to be solves ## questions to be solves
* what happen if zpool passwd is not given at boot shutdown ? * what happen if zpool passwd is not given at boot shutdown ?
* find a way to shut it down pass a delay * find a way to shut it down pass a delay