Does not show encrypted partition

Bug #285890 reported by Hauke
This bug affects 3 people
Affects                     Status     Importance  Assigned to  Milestone
debian-installer (Debian)   New        Undecided   Unassigned
debian-installer (Ubuntu)   Confirmed  Undecided   Unassigned

Bug Description

Binary package hint: debian-installer

An existing encrypted partition (created with the same installation CDs) is not shown in the menu of existing partitions in the partition dialog of the installer after rebooting the PC and rerunning the installer.
The boot partition is shown correctly as a partition with an ext3 file system on it, but the partition with the encrypted LVM is shown but the system does not know what to do with it. It only shows the number and the size of that partition, nothing else.

I have tested it with Ubuntu Intrepid daily build alternative CD 20081018.1 for amd64.

Colin Watson (cjwatson) wrote :

Try marking it as "Use as: physical volume for encryption", and then select the "Configure encrypted volumes" item on the main partitioner menu.

Jochen Gruse (lpnet) wrote :

@Colin Watson:

Your tip works only halfway. Setting up the partition as "physical volume for encryption" makes it visible to the installer as an encrypted partition, then going into "Configure encrypted volumes" and choosing "Finish" asks for the passphrase. The problems start there...

The passphrase is asked twice, as if the installer wants to initialize the crypt partition instead of merely opening the existing crypted data in the partition. Back in the main manual partitioning menu, the encrypted partition is shown to be formatted as an ext4 filesystem. The partition *should* contain an LVM physical volume. Even setting the encrypted partition to LVM does not work, as the previous content (one volumegroup named "system" containing several logical volumes) is not recoverable. Please see attached screenshot "cryptpart-wrong.png".

Workaround:
==========
* Run the installer until asked to choose a name for the system. Do not enter it yet!
* Change to virtual console 2 (Alt-F2) and press Enter to activate it.
* Enter "cryptsetup luksOpen /dev/sda5 sda5_crypt" and enter correct passphrase.
* Enter "vgscan", system should detect LVM VG in PV /dev/sda5_crypt.
* Enter "vgchange -ay" to activate the VG and get access to the LVs in the VG.
* Change back to virtual console 1 running the installer (Alt-F1).
* Choose a system name.
* Choose "Manual" as partitioning method.
* You should see the decrypted partition containing the LVM VG and the LVs. But note that /dev/sda5 is still not shown as an encrypted partition! Please take a look at "cryptpart-almostright.png".
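Added example (not part of the original comment or of debian-installer): a pre-flight check that tells whether a partition already carries a LUKS header, so that it is opened with luksOpen rather than set up again as a new "physical volume for encryption". The function names and the sample image files are assumptions made for this illustration; on an installed system `cryptsetup isLuks <device>` performs the same test.

```shell
#!/bin/sh
# LUKS1 and LUKS2 headers both start with the 6-byte magic "LUKS" 0xBA 0xBE,
# followed by a 2-byte big-endian version number.

# Print the LUKS version (1 or 2) of device or image file $1.
# Returns 1 if the first 8 bytes are not a LUKS header (or cannot be read).
luks_version() {
    hdr=$(dd if="$1" bs=8 count=1 2>/dev/null | od -An -tx1 | tr -d '[:space:]')
    case $hdr in
        4c554b53babe0001) echo 1 ;;
        4c554b53babe0002) echo 2 ;;
        *) return 1 ;;
    esac
}

# Advice to follow before touching device $1 in the partitioner.
preflight() {
    if v=$(luks_version "$1"); then
        echo "EXISTING LUKS$v on $1: open with luksOpen, do not reinitialize"
    else
        echo "no LUKS header on $1"
        return 1
    fi
}

# Constructed sample images (8 header bytes each, not real volumes).
make_samples() {
    printf 'LUKS\272\276\000\001' > "$1/luks1.img"
    printf 'LUKS\272\276\000\002' > "$1/luks2.img"
    printf 'ext4data' > "$1/plain.img"
}

# Demonstration on the constructed images; on real hardware pass /dev/sda5.
tmp=$(mktemp -d)
make_samples "$tmp"
for f in luks1 luks2 plain; do
    preflight "$tmp/$f.img" || true
done
rm -rf "$tmp"
```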

Jochen Gruse (lpnet) wrote :

Please note: The above workaround is not complete. After setting up your filesystems and mount points, installation continues, but GRUB2 installation fails. After choosing "Continue without installing bootloader", system reboots and GRUB2 comes up, but booting the new Natty installation drops into the initram shell. Now you have to

* enter "cryptsetup luksOpen /dev/sda5 sda5_crypt"
* enter "vgchange -ay" (no vgscan needed or even possible)
* enter "exit" to resume boot process.

After logging in, you have to set up a working /etc/crypttab (probably missing because the installer did not create the crypted partition itself) and create a new initrd. To do so,

* enter "sudo blkid | grep crypto_LUKS"

and copy/paste the UUID into a new /etc/crypttab file, which has to look as follows:

sda5_crypt UUID=<UUID from blkid cmd here> none luks

Then regenerate the initrd:

* Enter "update-initramfs -u"

Now Ubuntu will ask for the passphrase of the encrypted partition and boot successfully.
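Added example (not part of the original comment): the blkid-to-crypttab step described above as a small script that derives the /etc/crypttab line for each crypto_LUKS device and reports entries that a given crypttab file lacks. The function names and the sample blkid output (with made-up UUIDs) are assumptions made for this illustration.

```shell
#!/bin/sh
# Constructed sample of `blkid` output; the UUIDs are made up.
SAMPLE_BLKID='/dev/sda1: UUID="1111aaaa-0000-4000-8000-000000000001" TYPE="ext2"
/dev/sda5: UUID="2222bbbb-0000-4000-8000-000000000005" TYPE="crypto_LUKS"
/dev/mapper/system-root1: UUID="3333cccc-0000-4000-8000-000000000009" TYPE="ext4"'

# Read blkid output on stdin and print one crypttab line per LUKS container,
# in the format used in the comment: <name>_crypt UUID=<uuid> none luks
crypttab_lines() {
    awk '/TYPE="crypto_LUKS"/ {
        dev = $1; sub(/:$/, "", dev); sub(/^.*\//, "", dev)
        uuid = ""
        for (i = 2; i <= NF; i++)
            if ($i ~ /^UUID="/) { uuid = $i; gsub(/^UUID="|"$/, "", uuid) }
        if (uuid != "") printf "%s_crypt UUID=%s none luks\n", dev, uuid
    }'
}

# Read blkid output on stdin and print the entries that crypttab file $1
# does not yet contain (matched by UUID, commented-out lines ignored).
missing_entries() {
    tab=$1
    crypttab_lines | while read -r name src rest; do
        grep -v '^[[:space:]]*#' "$tab" 2>/dev/null | grep -qF "$src" ||
            printf '%s %s %s\n' "$name" "$src" "$rest"
    done
}

# Demonstration on the constructed sample. On the installed system, as root:
#   blkid | missing_entries /etc/crypttab
printf '%s\n' "$SAMPLE_BLKID" | crypttab_lines
```

After appending any reported line to /etc/crypttab, the initrd still has to be regenerated with "update-initramfs -u" as the comment describes.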

Jochen Gruse (lpnet) wrote :

Just as an aside: Personally, I think this is a release critical bug. First, I don't like updating my OS in place, even as Ubuntu/Debian make this as painless as possible. Sometimes, an update still goofs. Second, I like to test alpha versions of Ubuntu (Kubuntu, actually) on my physical hardware instead of virtual machines, but I still need a "production" installation. So, my disk layout is like this:

* Two small primary partitions as ext2 filesystems (sda1 & sda2). These are /boot for 2 parallel installations.
* An extended partition filling the rest of the disk. (sda3)
* In that, a logical partition filling the extended partition (sda5). This one is encrypted because my machine is a laptop.
* An LVM Physical Volume in sda5_crypt, the sole member of the Volume Group "system".
* 4 Logical Volumes in VG system:
** root1/ext4 as / for my first installation
** root2/ext4 as / for my second installation
** swap/swap shared between both installations
** home/ext4 shared between both installations

Right now, an installation of Natty will at best abort and at worst drop the LVM, shredding /home in the process. Without encryption, there's no real need for LVM and everything works fine with simple partitions.

I took a look at Debian's bugs and found http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566497 ("Install: Please support reusing existing crypt-lvm partitions"), so maybe this bug will be considered upstream?

Thanks for looking into this,
Jochen

Callum Macdonald (chmac) wrote :

Here are the notes I have from installing 10.04 on top of an existing encrypted disk. I think it might be a little easier than using the terminal, but maybe not.

* Backup /etc/crypttab
* Boot new CD, choose rescue
* Enter passphrase for encrypted disk
* At choose root partition, Back, to menu
* Go to partition disks
* Select partitions, remember /boot
* Format root partition and /boot, leave others
* Continue with installation
* Restore /etc/crypttab
As per http://ubuntuforums.org/showthread.php?t=1205372

I agree, I think this (or #420080) is release critical. Wiping encrypted data without warning is totally uncool!

Jochen Gruse (lpnet) wrote :

Thanks for your notes and the link! Your way is certainly easier as it lets you circumvent the command line for the most part - with the exception of restoring /etc/crypttab, perhaps? On the other hand, doing it my way gets you acquainted with the basic commands for crypted partitions, LVM, initramfs, and last but not least one reboot less! :)

As this problem seems to lie in the debian-installer, I'd settle for a big fat warning that crypted volumes will be reinitialized with complete data loss. But I'd really wish to see this problem solved (existing crypted partition detected & activated during installation) at least for the next LTS version, as some people will have used the feature with 10.04 LTS for the first time. These are exactly the kind of users who frown heavily on data loss without warning...

summary: - Does not show encrypted partition
+ encrypted partition overwritten instead of being mounted
summary: - encrypted partition overwritten instead of being mounted
+ Does not show encrypted partition
Changed in debian-installer (Debian):
importance: Unknown → Undecided
status: Unknown → New
papukaija (papukaija)
Changed in debian-installer (Ubuntu):
status: New → Confirmed