@soardex
Created June 17, 2015 13:08
Arch Linux Installation Crypted
#### Arch Linux Installation Crypted
1. Boot Arch Linux iso image.
2. Load keyboard and font to the iso.
loadkeys us
setfont Lat2-Terminus16
3. Find block device node.
lsblk
3. Fill the disk with random data (Warning: this destroys all data on the disk).
# if you want several passes
shred --random-source=/dev/urandom --iterations=3 /dev/sda
# single pass
dd if=/dev/urandom of=/dev/sda
4. Partition the disk.
gdisk /dev/sda
- create protective mbr select `o` then `y`
- create partitions
- bios boot n, 1, default, +2M, ef02
- boot n, 2, default, +250M, 8300
- swap n, 3, default, +1G, 8300
- root n, 4, default, default, 8300
- write and exit select `w` then `y`
5. Encrypt the partitions with LUKS.
modprobe dm_mod
# create cryptographic device mapper
cryptsetup luksFormat /dev/sda3
cryptsetup luksFormat /dev/sda4
# unlock the partition
cryptsetup luksOpen /dev/sda3 swap
cryptsetup luksOpen /dev/sda4 root
6. Format the partitions.
mkfs.ext2 /dev/sda2
mkswap /dev/mapper/swap
swapon /dev/mapper/swap
mkfs.ext4 /dev/mapper/root
7. Mount the partitions.
mount -t ext4 /dev/mapper/root /mnt
mkdir -p /mnt/boot
mount -t ext2 /dev/sda2 /mnt/boot
8. Install the base system.
pacstrap /mnt base base-devel
9. Generate an fstab, then modify it as needed.
genfstab -U -p /mnt >> /mnt/etc/fstab
10. Change root to configure the mounted base system.
arch-chroot /mnt
11. Customize configurations.
- edit locale in `/etc/locale.gen`
- uncomment en_US.UTF-8 UTF-8
- uncomment en_US ISO-8859-1
- run `locale-gen` to update the system
- edit locale config in `/etc/locale.conf`
- run `echo LANG=en_US.UTF-8 > /etc/locale.conf`
- export environment variable `export LANG=en_US.UTF-8`
- set the font and keymap in `/etc/vconsole.conf`
- add `KEYMAP=us`
- add `FONT=Lat2-Terminus16`
- set timezone `/etc/localtime`
- run `ln -s /usr/share/zoneinfo/Asia/Manila /etc/localtime`
- set the hardware clock in `/etc/adjtime`
- run `hwclock --systohc --utc`
- set hostname in `/etc/hostname`
- run `echo linuxhost > /etc/hostname`
- configure pacman repositories in `/etc/pacman.conf`
- enable the multilib
- set and edit `/etc/mkinitcpio.conf`
- add `ext4` to MODULES
- add `usb keymap encrypt` before `filesystems` in HOOKS
- run `mkinitcpio -p linux` to regenerate initramfs
12. Set root password.
passwd
13. Create a system user and a power user and set password.
useradd -m -g users -G wheel,power,optical,storage,lp,audio,video -s /bin/bash username
passwd username
useradd -m -g users -G wheel -s /bin/bash username
passwd username
14. Install sudo.
pacman -S sudo
- edit sudo users
- run `visudo`
- uncomment the desired settings
15. Install bootloader and os-prober.
pacman -S grub-bios os-prober
- edit `/etc/default/grub`
- set `GRUB_CMDLINE_LINUX` to include `cryptdevice=/dev/sda4:root`
- install grub
- run `grub-install --target=i386-pc --recheck /dev/sda`
- create grub config
- run `grub-mkconfig -o /boot/grub/grub.cfg`
16. Configure single network dhcpd.
systemctl enable [email protected]
17. Boot to the system.
exit
umount /mnt/boot
umount /mnt
reboot
18. After boot, set up the encrypted swap partition.
- find the id of the swap partition.
- run `ls -l /dev/disk/*/* | grep sda3`
- edit `/etc/crypttab`
- add `swap /dev/disk/by-id/partition_id /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256`
- edit `/etc/fstab`
- add `/dev/mapper/swap swap swap defaults 0 0`
- remove old LUKS header
- run `dd if=/dev/zero of=/dev/sda3 bs=1M`
19. Refresh the repository package list and update the system packages.
pacman -Syy
pacman -Syu
20. Install X.
pacman -S xorg-server xorg-xinit xorg-server-utils
pacman -S mesa
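
A check for two of the steps above, as an added example that is not part of the original gist: it verifies that `encrypt` comes before `filesystems` in HOOKS (step 11) and flags random-key crypttab entries that name a kernel device such as `/dev/sda3` instead of the `/dev/disk/by-id` path used in step 18. The function names and the sample files are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the gist): checks for the files edited in steps 11 and 18.

# Succeeds if the last HOOKS= line lists `encrypt` before `filesystems`.
hooks_order_ok() {
    local line h i=0 enc=0 fs=0
    line=$(grep -E '^[[:space:]]*HOOKS=' "$1" | tail -n 1) || true
    [ -n "$line" ] || return 2   # no HOOKS line at all
    for h in $(printf '%s' "${line#*=}" | tr -d "\"'()"); do
        i=$((i + 1))
        case $h in
            encrypt) enc=$i ;;
            filesystems) fs=$i ;;
        esac
    done
    [ "$enc" -gt 0 ] && [ "$fs" -gt 0 ] && [ "$enc" -lt "$fs" ]
}

# Prints "name device" for each crypttab mapping that takes a random key
# (/dev/urandom or /dev/random) from a kernel-assigned name such as /dev/sda3,
# and returns 1 if any is found. With the `swap` option the device is
# re-formatted on every boot, so a name that shifts to another partition
# gets that partition overwritten.
risky_random_key_entries() {
    awk '
        /^[ \t]*#/ { next }
        ($3 == "/dev/urandom" || $3 == "/dev/random") &&
            $2 ~ /^\/dev\/(sd|hd|vd|xvd|nvme|mmcblk)/ { print $1, $2; bad = 1 }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample files in a temp dir, so nothing under /etc is touched.
demo_dir=$(mktemp -d)
printf '%s\n' 'MODULES="ext4"' \
    'HOOKS="base udev autodetect modconf block usb keymap encrypt filesystems fsck"' \
    > "$demo_dir/mkinitcpio.conf"
printf '%s\n' '# <name> <device> <password> <options>' \
    'swap /dev/sda3 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256' \
    > "$demo_dir/crypttab"

if hooks_order_ok "$demo_dir/mkinitcpio.conf"; then
    echo "HOOKS: encrypt precedes filesystems"
fi
if ! risky_random_key_entries "$demo_dir/crypttab"; then
    echo "crypttab: replace the device above with its /dev/disk/by-id path"
fi
```

On an installed system, pass `/etc/mkinitcpio.conf` and `/etc/crypttab` to the two functions instead of the sample files.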