LVM encrypted, 1 HD, 1 SSD install - How-to?

Hello everyone,

Here is a brand new Ubuntu Budgie 20.10 user who has recently migrated from the Debian+LXDE combo for a number of reasons being the desktop GUI and fresher software two of them.

My setting is: laptop with the disks:
/dev/sda 1TB HD (old one)
/dev/sdb 720GB SSD (new one, replacing DVD-ROM inside a caddy)

My goal is to use LVM encrypted and set:

/dev/sdb 720GB has:
efi in the /dev/sdb 720GB, taking 512MB
/boot in in the /dev/sdb 720GB, taking 1GB, as ext4
all remaining space, as physical volume encrypted and
/ in the /dev/sdb 720GB

/dev/sda 1TB has a new partition and then select physical volume encrypted:
/home in the /dev/sda 1TB, so the whole disk /dev/sda will be used by /home

So far, I have run over 5 attempts but cannot find a way to get this setting working when booting the Ubuntu Budgie ISO from a USB flash drive.

Could anyone please cast some light on this issue and clarify?

I have read already a number of guides online but have not found one that attempts to use LVM encrypted across two hard drives so I am addressing you for support.

I thank you for your time and advice and wish you all a great 2021 ahead!


Hi and welcome.

This definitely isn’t my area so just a few pointers.

The official ubuntu support forums and should be consulted as well since this is a generic issue.

A brief look around and it appears luks is a one disk solution… well at least that’s as far as my limited knowledge here goes.

A few results mentions using alternate file systems such as btfrs probably trying to tie the two disks to appear as one logical device for luks to work.

I found this blog as well … seems to be quite involved but maybe well give some pointers

@fossfreedom Thank you for your interest and reply.

Success at last. Here are the steps involved for review and reference:
old drive is /dev/sda
new drive is /dev/sdb

sudo fdisk /dev/sda
sudo cryptsetup luksFormat /dev/sda1
sudo mkdir /etc/keys
sudo dd if=/dev/urandom of=/etc/keys/sda1.luks bs=4k count=1
sudo cryptsetup luksAddKey /dev/sda1 /etc/keys/sda1.luks 
sudo cryptsetup --key-file /etc/keys/sda1.luks luksOpen /dev/sda1 sda1_crypt
sudo pvcreate /dev/mapper/sda1_crypt 
sudo vgcreate vg1tb-disk /dev/mapper/sda1_crypt
sudo lvcreate -l 100%FREE -n data /dev/vg1tb-disk
sudo mkfs.ext4 /dev/vg1tb-disk/data 
sudo mkdir /mnt/data
sudo mount /dev/vg1tb-disk/data /mnt/data/
sudo blkid 
/dev/sda1: UUID="11111111-2222-3333-4444-555555555555" TYPE="crypto_LUKS" PARTUUID="99999999-8888-7777-6666-555555555555"
/dev/mapper/sda1_crypt: UUID="AAAAAA-BBBB-CCCC-DDDD-EEEE-FFFF-GGGGGG" TYPE="LVM2_member"
sudo nano /etc/crypttab
sda1_crypt UUID=11111111-2222-3333-4444-555555555555 /etc/keys/sda1.luks luks
sudo nano /etc/fstab
/dev/mapper/vg1tb--disk-data	/mnt/data	ext4	defaults
sudo cp -rp /home/* /mnt/data
sudo mv /home /home.orig
sudo mkdir /home
sudo umount /dev/mapper/vg1tb--disk-data
sudo mount /dev/mapper/vg1tb--disk-data /home
sudo nano /etc/fstab 
# replace previously added line at the bottom of the file with...
/dev/mapper/vg1tb--disk-data    /home ext4      defaults        0       0
sudo reboot
sudo rm -r /home.orig

Cannot add [SOLVED] to Topic - first message not editable

Suggested reading:

1 Like