[Bug 1780971] Re: Insufficient options for encryption

Simon Quigley 1780971 at bugs.launchpad.net
Sat Feb 22 08:07:55 UTC 2025 

** Changed in: ubiquity (Ubuntu)
       Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubiquity in Ubuntu.
https://bugs.launchpad.net/bugs/1780971

Title:
  Insufficient options for encryption

Status in ubiquity package in Ubuntu:
  Won't Fix

Bug description:
  So someone felt they should edit my bug report description (despite it
  remaining in my name) to simply this...

  ---
  When installing side by side with Windows, the option to use encryption is not provided.
  ---

  Which is only one way of looking at the bug.  I am really not happy
  that this has been edited as it is putting words in my mouth, so again
  here is the original description.  If you are unhappy with my bug
  report, I would rather you mark it as invalid or delete it rather than
  start rephrasing what I have said into something I was not trying to
  say.

  ---
  My workplace gave me a new Dell laptop and (although I don't use Windows, unlike my colleagues) I have been told to keep the Windows partitions intact (e.g. the Dell/Windows recovery, EFI and main Windows partitions) probably so that if the laptop needs re-purposing later they can as Windows 10 doesn't seem to use a serial/recovery media any more.

  I was happy to oblige with this request and on first ever laptop power
  on got it booting the Ubuntu MATE 18.04 installer from USB pen. I'd
  have loved to have just picked the encryption option presented (which
  also makes LVM mandatory) but this would erase Windows off too... so I
  had to use the advanced partitioning screen... where I shrank the main
  Windows partition and made myself a little ext4 /boot partition and an
  encrypted ext4 root partition.

  This was fine until I realised that hibernation doesn't work with swap
  files (read other reports online about this) and needs a swap
  partition (something I am pleased to say has now become the default as
  I hate swap partitions - that is... until now, when I need one).

  Making another partition for encrypted swap would have worked but
  would surely have resulted in two password prompts on boot and a lot
  of re-configuring. Which got me thinking that what was really needed
  in this use case... is a way of using the normal encryption option in
  the installer (not using the advanced partition screen) which uses LVM
  also (so both swap and root partitions are covered by the same
  encryption)... BUT in a way that it just uses whatever free space is
  available... rather than wiping the whole disk.

  In the end I had to manually create the ext4 /boot, the crypt
  partition, LVM pv on top of that, the LVM vg, two LVM lv's and format
  them... then open up the installer for the advanced partitioning
  screen to see the pre-existing /dev/mapper/ entries for it to install
  to. But because the installer doesn't know it is installing to an
  encrypted area I still had to (afterwards) teach it about these by
  making a /etc/crypttab and reinstalling grub.

  So I do *at last* have a hibernating, dual booting and encrypted
  laptop.

  But it shouldn't be this difficult to get that surely?

  I'd equally welcome a way of installing with encryption (again to free
  space, not wipe whole disk) without LVM... but if this is with a swap
  partition then the user should only be prompted for a password once on
  boot (for both encrypted root and encrypted swap)... or if this is
  using a swap file inside the encrypted root partition then the
  hibernation/resume to/from swap file needs fixing.

  Sorry for the long report :)
  ---

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1780971/+subscriptions

More information about the foundations-bugs mailing list