Ubuntu
ubiquity package

Desktop installer should have an encrypted LVM option

Bug #245399 reported by JP Vossen
24
This bug affects 4 people
Affects Status Importance Assigned to Milestone
ubiquity (Ubuntu)
Fix Released
Wishlist
Dimitri John Ledkov

Bug Description

Wishlist

The normal "desktop" installer should have an option like the alternate CD's "Guided - use entire disk and set up encrypted LVM". You only have to read /. or listen to the news to hear about a gazillion lost laptops with confidential data on them. I'd guess that many/most users will never bother with the alternate installer, since the normal (and recommended) desktop CD gives you a two-fer (LiveCD and install) when downloaded and burned. Thus they will not be aware of this great option.

And when you go to fix this, see also:

Guided partitioner with LVM leaves no free space for snapshots
https://bugs.launchpad.net/ubuntu/+bug/240813

See original description

Related branches

lp:~xnox/ubiquity/crypto-done
Colin Watson (community): Approve
Diff: 1348 lines (+765/-188)
12 files modified
bin/ubiquity (+7/-0)
d-i/lists/any (+2/-0)
debian/changelog (+15/-1)
debian/ubiquity.templates (+61/-3)
doc/ubi-partman-page-ask-statemachine.dot (+36/-0)
gui/gtk/stepPartAsk.ui (+124/-9)
gui/gtk/stepPartAuto.ui (+1/-40)
gui/gtk/stepPartCrypto.ui (+245/-0)
tests/test_gtkui.py (+2/-2)
ubiquity/plugins/ubi-partman.py (+214/-100)
ubiquity/plugins/ubi-usersetup.py (+10/-33)
ubiquity/validation.py (+48/-0)
Revision history for this message
Brian Murray (brian-murray) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. This bug did not have a package associated with it, which is important for ensuring that it gets looked at by the proper developers. You can learn more about finding the right package at https://wiki.ubuntu.com/Bugs/FindRightPackage . I have classified this bug as a bug in ubiquity the installer used on the Live CD.

Revision history for this message
Colin Watson (cjwatson) wrote :

This is on our roadmap, and I'd definitely love to do it, but we have to get some plumbing work done first in order to make it possible.

Changed in ubiquity:
importance: Undecided → Wishlist
status: New → Triaged
Revision history for this message
Micah Lee (micahflee) wrote :

I am very interested in getting this bug fixed in time for Oneiric. Would it be possible to get this added as an Oneiric before the Feature Definition Freeze on May 26?

I work for the Electronic Frontier Foundation and I recently wrote a blog post about this asking people to vote for this in Ubuntu Brainstorm:
https://www.eff.org/deeplinks/2011/05/help-bring-disk-encryption-ubuntu-live-cd
http://brainstorm.ubuntu.com/idea/24712/

It has received hundreds of new votes in just the last couple of days.

Windows 7 comes with BitLocker full disk encryption out of the box. The new version of Mac OS X coming out, Lion, is updating FileVault to do full disk encryption out of the box (instead of just home dir encryption that's available in Snow Leopard). Ubuntu really should offer this as well, and make it easy. Ubuntu is in danger of falling behind the two major proprietary operating systems in this important security and privacy feature.

There is also an Ubuntu Forums thread about it:
http://ubuntuforums.org/showthread.php?p=10792967

Revision history for this message
Jeremy Bícha (jbicha) wrote :

By the way, Windows 7 does not do full-disk encryption out of the box; I installed it yesterday and there is no option for that. It requires a specific partition setup.

Revision history for this message
Micah Lee (micahflee) wrote :

Apparently it's only included in Ultimate and Enterprise versions of Windows Vista and Windows 7 (https://secure.wikimedia.org/wikipedia/en/wiki/BitLocker_Drive_Encryption).

Regardless, all versions of the Ubuntu installer should include full disk encryption. Other GNU/Linux distrobutions, like Fedora Core, do this already.

Revision history for this message
Fabián Rodríguez (magicfab) wrote :

Regarding bug #240813 (which has been fixed it seems in the alternate installer), this would most probably be confusing to end users as they won't know what an "LVM snapshot" is. I'd love to have this additional feature when/if full disk encryption capability is added to ubiquity, I am just saying asking the "how much space for snpashots" question opens up new usability problems to be addressed.

Revision history for this message
Micah Lee (micahflee) wrote :

This feature already exists in the alternate CD, which is great. For the desktop CD, the language could be very simple and not mention LVM snapshots or any other confusing concepts. When you boot to the desktop CD and start installing Ubuntu, the options could be:

Erase disk and install Ubuntu
Erase disk and install Ubuntu with whole disk encryption
Manual configuration (advanced)

The manual configuration partitioner should at least be as featureful as the alternate CD partitioner. When you create a new partition and choose the type, the list should include "physical volume for LVM" and "physical volume for encryption" as well as ext4, ext3, fat32, etc. Here is a screenshot I just found of an Ubuntu alternate CD (an older version) that does this: http://main.uab.edu/Sites/it/documents/63846.jpg

If you want to dual-boot Ubuntu and Windows, your partitioning scheme can look like this:

/dev/sda1 - NTFS for Windows
/dev/sda2 - ext4 for /boot
/dev/sda3 - physical volume for encryption volume

Within the encrypted volume you can set up a "physical volume for LVM" and within that create two volumes, one for swap and one ext4 for /. If someone already has Windows installed, Ubuntu can use free space on the drive to automatically create a /boot partition and put everything else in an encrypted partition.

In the Fedora Core installer, when you create a new partition there is a checkbox for "Encrypt this partition". When you check it, it prompts you for an encryption passphrase to use. This is a simple and straight-forward interface that doesn't make it any harder for people who are new to Linux to use, but it does make it much more secure.

Revision history for this message
papukaija (papukaija) wrote :

This is planned for Quantal:
https://blueprints.launchpad.net/ubuntu/+spec/foundations-q-ubiquity-lvm-luks

Revision history for this message
Fabián Rodríguez (magicfab) wrote :

I've linked this bug report to the above blueprint.

description: updated
Dimitri John Ledkov (xnox)
Changed in ubiquity (Ubuntu):
status: Triaged → In Progress
assignee: nobody → Dmitrijs Ledkovs (dmitrij.ledkov)
Dimitri John Ledkov (xnox)
Changed in ubiquity (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

In quantal daily CD:
$ ubiquity --enable-partauto-crypto

Changed in ubiquity (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
rileinc0 (rileinc0) wrote :

The encrypted LVM option is only available when I'm replacing an existing OS. If I wish to install Ubuntu alongside another OS, the options become grayed out (see screenshot). If I select "Something else," the manual partition tool does not have options to install Ubuntu in an encrypted LVM.

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

@ rileinc
Yes, currently that is not supported. But it should be easy to add. bug 1046779 is related, although talks about a different scenario. Please file separate, new bugs instead commenting on the closed bugs.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.