Installing Ubuntu 18.04 with full disk encryption and home on its own partition

When installing Ubuntu 18.04 from scratch you get the option to use full disk encryption using LUKS and LVM, but it doesn't give you the option of specify your own partition layout; it creates a small swap partition and gives the rest to the root partition. To ease re-installing Ubuntu, I prefer to have a largish root partition and give the rest to a home partition. The easiest away I have found to do this is to let the Ubuntu installer do it's thing and then resize the root partition and add a home partition afterwards. This is complicated by the use of LUKS to encrypt the disk and it's not possible to resize a root partition while it's in use.

The following assumes that:

  • The encrypted partition is /dev/nvme0n1p3 (this is correct for Dell laptops with SSD disks)
  • The LVM volume group is called ubuntu-vg
  • The root partition will use 100GB of space
  • The home partition will use the rest of the free space on the disk

Install Ubuntu 18.04

During the Ubuntu install process select 'Erase the disk and install Ubuntu', 'Encrypt the new Ubuntu installation for security' and 'Use LVM with the new Ubuntu installation'. Once finished allow the computer to restart, decrypt the drive and login to ensure that the boot and login processes work. Now restart the computer and boot off the Ubuntu install medium.

Mount encrypted LUKS partition

You first need to decrypt the disk.

sudo cryptsetup luksOpen /dev/nvme0n1p3 ubuntu-vg

Resize root LVM partition

Now resize the root partition to 100GB.

sudo e2fsck -f /dev/mapper/ubuntu--vg-root
sudo resize2fs /dev/mapper/ubuntu--vg-root 90G
sudo lvreduce -L 100G /dev/mapper/ubuntu--vg-root
sudo resize2fs /dev/mapper/ubuntu--vg-root

Create a home LVM partition

Now create a new home partition using all the free disk space

sudo lvcreate -n home -l 100%FREE ubuntu--vg
sudo mkfs.ext4 /dev/mapper/ubuntu--vg-home

Move home from root to new partition

Copy everything off the home directory on the root partition into the new home partition.

mkdir root
sudo mount  /dev/mapper/ubuntu--vg-root root
mkdir home
sudo mount  /dev/mapper/ubuntu--vg-home home
rsync -av root/home/ home/

Ensure the new home directory is mounted at boot time

Edit the etc/fstab file in the mounted root partition and add the following:

/dev/mapper/ubuntu--vg-home /home           ext4    defaults        0       2

Unmount the drives and reboot

sudo umount root
sudo umount home
sudo reboot

And if all went well you have moved home onto it's own partition.

9th May 2019