API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 19th, 2019
49
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.98 KB | None | 0 0
raw download clone embed print report
  1. # sda1 -> boot 220MB
  2. # sda2 -> / 120GB
  3. # sda3 -> /swap 8GB
  4. # sda4 -> /home 110GB
  5. sed -e 's/\s*\([+0-9a-zA-Z]*\).*/\1/' << EOF | fdisk /dev/sda
  6. o # clear current table (root)
  7. n # new partition (boot)
  8. p # primary
  9. 1 # number 1
  10. # default - start at beginning of disk
  11. +220M # 220MB boot
  12. n # new partition
  13. p # primary
  14. 2 # number 2
  15. # default - start at beginning of disk
  16. +120G # 120GB root
  17. n # new partition (swap)
  18. p # primary
  19. 3 # number 3
  20. # default - start at beginning of disk
  21. +8G # 8GB Swap
  22. t # change Partition Type
  23. 3 # of partion 3
  24. 82 # to swap
  25. n # new partition (home)
  26. p # primary
  27. # default - start at beginning of disk
  28. # Till the End of HDD (110 GB)
  29. w # write
  30. EOF
  31.  
  32. echo Y | mkfs.ext4 /dev/sda1 # Y wipes old signature
  33. echo Y | mkfs.ext4 /dev/sda2
  34. echo Y | mkfs.ext4 /dev/sda4
  35.  
  36. echo -n '123' > /tmp/pass #CHRIS? Wo sonst
  37. chown root:root /tmp/pass; chmod 400 /tmp/pass
  38.  
  39. #/
  40. echo YES | cryptsetup -v luksFormat --type luks2 /dev/sda2 /tmp/pass
  41. cryptsetup open /dev/sda2 cryptroot --key-file /tmp/pass
  42. mkfs.ext4 /dev/mapper/cryptroot
  43. mount /dev/mapper/cryptroot /mnt
  44.  
  45. #swap
  46. echo YES | cryptsetup -y -v luksFormat --type luks2 /dev/sda3
  47. cryptsetup open /dev/sda3 cryptswap --key-file /tmp/pass
  48. mkswap /dev/mapper/cryptswap
  49. swapon /dev/mapper/cryptswap
  50.  
  51. #home
  52. echo YES | cryptsetup -y -v luksFormat --type luks2 /dev/sda4 /tmp/pass
  53. cryptsetup open /dev/sda2 crypthome --key-file /tmp/pass
  54. mkfs.ext4 /dev/mapper/crypthome
  55. mkdir /mnt/home
  56. mount /dev/mapper/crypthome /mnt/home
  57.  
  58. #CHRIS Sollte man eher / mit Passwort absichern, welches dann immer beim boot eingeben wird, und dann swap und /home mit keyfile entschlüsseln, welche auf / liegt?
  59.  
  60. cat /etc/mkinitcpio.conf | sed 's/^HOOKS.*/HOOKS="base udev autodetect modconf block keyboard keymap encrypt lvm2 filesystems fsck"/' > /tmp/mk
  61. cat /tmp/mk > /etc/mkinitcpio.conf
  62.  
  63. #TODO Crypt in GRUB
  64.  
  65.  
  66. pacstrap /mnt base base-devel
  67. genfstab -U -p /mnt >> /mnt/etc/fstab
  68.  
  69. grub-install /dev/sda
  70. grub-mkconfig -o /boot/grub/grub.cfg
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!