====== Introduction ======
This will be anew attempt at getting a fully encrypted Archlinux system without systemd (if it works)
====== Install ======
I won't comment the first steps as they are equal to [[https://www.howtoforge.com/tutorial/how-to-install-arch-linux-with-full-disk-encryption/|How to install Arch Linux with Full Disk Encryption]]
I will use the first disk (500GB) for /boot and / and leave the SSD (256GB) for future VMs
===== boot on the CD/Install =====
following [[https://www.howtoforge.com/tutorial/how-to-install-arch-linux-with-full-disk-encryption/|How to install Arch Linux with Full Disk Encryption]] I create the 2 partitions (/boot and / crypted aka cryptroot)
cryptsetup --verbose --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat /dev/sda2
cryptsetup open --type luks /dev/sda2 cryptroot
mkfs.ext4 /dev/sda1
mkfs.ext4 /dev/mapper/cryptroot
mount -t ext4 /dev/mapper/cryptroot /mnt
mkdir -p /mnt/boot
mount -t ext4 /dev/sda1 /mnt/boot
pacstrap -i /mnt base base-devel
genfstab -U -p /mnt >> /mnt/etc/fstab
arch-chroot /mnt
sed -i 's/#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/g' /etc/locale.gen
echo LANG=en_US.UTF-8 > /etc/locale.conf
in /etc/locale.conf:
LANG="en_US.UTF-8"
# Keep the default sort order (e.g. files starting with a '.'
# should appear at the start of a directory listing.)
LC_COLLATE="C"
Then continue:
echo "KEYMAP=us-acentos" > /etc/vconsole.conf
echo 30L3 > /etc/hostname
rm /etc/localtime
ln -s /usr/share/zoneinfo/Europe/Zurich /etc/localtime
passwd
useradd -m -g users -G wheel,games,power,optical,storage,scanner,lp,audio,video -s /bin/bash warnaud
passwd warnaud
pacman -S sudo grub-bios os-prober
EDITOR=vi visudo
vi /etc/default/grub
with:
GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda2:cryptroot"
then continue... :
vi /etc/mkinitcpio.conf
to add the "encrypt" hook:
HOOKS="base udev autodetect modconf block encrypt filesystems keyboard fsck"
continue:
mkinitcpio -p linux
grub-install --recheck /dev/sda
grub-mkconfig --output /boot/grub/grub.cfg
exit
umount -R /mnt/boot
umount -R /mnt
cryptsetup close cryptroot
systemctl reboot
let the fun begin!
First disable iptables:
systemctl stop iptables
pacman -S openssh
and voilĂ , until reboot, ssh is accessible for user warnaud :)
systemctl enable dhcpcd@enp0s25
pacman -S wpa_supplicant xorg-server xorg-apps xorg-fonts xorg-fonts-100dpi xorg-fonts-75dpi xorg-twm xorg-xclock xorg-xinit xorg-xdm xterm xf86-video-intel xorg-xmessage xorg-xcalc xorg-xfontsel alsa-utils acpi acpid xf86-input-wacom libcups cups cups-filters ghostscript gsfonts rxvt-unicode urxvt-perls chromium imagemagick vlc emelfm2 flashplugin xosd ttf-dejavu artwiz-fonts libreoffice libreoffice-en-US libreoffice-fr ntp vim
Some graphical stuff:
pacman -S lightdm lightdm deepin-session-ui deepin
systemctl enable lightdm
lightdm does not work...
deepin looks like a big work in progress
====== More stuff to install / launch======
systemctl enable acpid
systemctl start acpid
pacman -S
Xorg and some other conf are in [[os:archlinux:30l3|Archlinux Install]]
Systemd is still here I know sorry, will update once openRC is installed/working check [[os:archlinux:30l3-nosystemd|this article]]
====== todo ======
* Unordered List Itemfind a nice WM/DE m(
* install virtualbox
* TPM: https://wiki.archlinux.org/index.php/Trusted_Platform_Module
* wifi stuff
References:
* https://wiki.archlinux.org/index.php/LightDM
* https://wiki.archlinux.org/index.php/Deepin_Desktop_Environment
* http://arnaud.fortier-family.com/wiki/doku.php/archlinux/30l3