On 07/06/2016 08:06 AM, potentialuser wrote:
> Hey everybody! After playing around with openSUSE 42.1 I’m finally ready
> to convert from Debian. I just needed a little advice when it comes to
> My current setup looks something like this:
> sda1: /boot (500MB EXT4)
> sda2: / (160GB EXT4, Encrypted)
> sda3: /swap (8GB, swap, Encrypted)
> sdb1: /home (4TB, EXT4, Encrypted)
Well that’s interesting.
> No LVM is involved here, just three encrypted partitions. (This means I
> have to enter three passwords at boot, but personally I prefer that over
> messing with LVM…)
It may help if you explain “why” you would prefer redundant work over
using LVM. LVM is really awesome, and basically shouldn’t cause you any
pain once setup, which the installer will do for you. I would HIGHLY
recommend that you reconsider this position. Maybe other distributions
make it a manual thing, but with openSUSE you just check the ‘Encrypt LVM’
checkbox and you’re done.
> Anyway I’d love to drop in openSUSE without disturbing home.
Definitely, and that should be possible generally, though where yours is
encrypted I guess we’ll see how the installer handles that.
> I’ve been playing around in a VM and when I try to re-create this setup,
> the installer won’t let me create an encrypted root. Specifically it
> says: “Error – you have assigned an encrypted file system to a
> partition with one of the following mount points: /, /usr, /boot,/var.
> This is not possible. Change the mount point or use a nonloopbacked file
> Is it impossible to have an encrypted root without using LVM?
It may be possible to setup, but the installer itself is probably not
programmed to recognize every kind of encryption setup out there.
Generally this is done in SUSE-land, using LVM because it’s easy, adds
flexibility, and lets you encrypt everything short of /boot (which does
not matter with regard to encryption) with a single password (who wants to
type multiple passwords just to boot, after all? nobody does, though
apparently you are willing to do that currently).
Since your root filesystem with Debian stuff has no value to openSUSE,
just go ahead and wipe it. The installer can probably be told, maybe
manually, to convert all of those into LVM (0x8e) partitions, which can
then be part of one big (encrypted) volume group, which can then be
divided into two logical volumes for swap and / (root), respectively, all
happily encrypted and managed out of the box. You would then have two
passwords on startup (LVM and /home) but you could potentially,
space-permitting (including if you have a way to backup/restore /home),
copy data from /home to a temporary location, make /home a LVM partition
as well, and then add that to the volume group. Once done, create a new
logical volume for /home, copy the data back in, and now you have one very
flexible (with regard to filesystems) sstem, encrypted with one password,
with all of your relevant (/home) data.
If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below…