Install an Encrypted Arch Linux (LVM-LUKS) 🔒
As always and for everything, read the wiki.
Boot the live environment
Load keyboard layout (latin-america)
# loadkeys la-latin1
# iwctl
Assuming the case for UEFI mode.
# ls /sys/firmware/efi/efivars
# fdisk -l
# gdisk /dev/sda
o
y
n
enter
+512MIB
ef00
n
enter
8e00
w
y
# mkfs.fat -F32 /dev/sda1
Encryption configuration (cryptsetup)
# cryptsetup luksFormat /dev/sda2
# cryptsetup open --type luks /dev/sda2 lvm
# pvcreate /dev/mapper/lvm
# vgcreate volume /dev/mapper/lvm
# lvcreate -L2G volume -n swap
# lvcreate -L50G volume -n root
# lvcreate -l 100%FREE volume -n home
# mkfs.ext4 /dev/mapper/volume-root
# mkfs.ext4 /dev/mapper/volume-home
# mkswap /dev/mapper/volume-swap
# mkdir /mnt/home
# mkdir /mnt/boot
# mount /dev/mapper/volume-root /mnt
# mount /dev/sda1 /mnt/boot
# mount /dev/mapper/volume-home /mnt/home
# swapon /dev/mapper/volume-swap
Core installation
# pacstrap /mnt base base-devel linux linux-firmware vim networkmanager mkinitcpio lvm2 cryptsetup
Generate fstab
# genfstab -U /mnt >> /mnt/etc/fstab
# arch-chroot /mnt
# ln -s /usr/share/zoneinfo/America/Mexico_city /etc/localtime
# hwclock --systohc --utc
# vim /etc/locale.gen
es_MX.UTF-8 UTF-8
# locale-gen
# locale > /etc/locale.conf
# vim /etc/hostname
# vim /etc/hosts
127.0.0.1 localhost
::1 localhost
127.0.1.1 myhostname.localdomain myhostname
# vim /etc/mkinitcpio.conf
HOOKS=(base udev autodetect modconf block keyboard encrypt lvm2 filesystems fsck)
Recreate initramfs
# mkinitcpio -P
# passwd
bootctl --path=/boot install
# vim /boot/loader/loader.conf
default arch
timeout 3
editor 0
# vim /boot/loader/entries/arch.conf
title Arch Linux
linux /vmlinuz-linux
initrd /initramfs-linux.img
options cryptdevice=UUID=86a872ee-b133-4e13-8283-d99024361d79:volume root=/dev/mapper/volume-root quiet rw
:read ! blkid /dev/sda2
Ctrl+D
# umount -R /mnt
# reboot
# useradd -m -G wheel your_username
# passwd youruser_name
# sudo pacman -S sudo
# vim /etc/sudoers
%wheel ALL=(ALL) ALL
# vim /etc/pacman.conf
ILoveCandy
# sudo pacman -Syu && reboot
$ sudo pacman-key init