Booting in to Arch Linux installer
Select Arch Linux bootable media from your computer’s BIOS and you should see the following screen. Select Arch Linux archiso x86_64 UEFI CD from the menu and press <Enter>.
You should be logged into the Arch Linux console. You can install Arch Linux from here.
Partitioning Disk
Before you can install Arch Linux, you must partition your disk properly. In this article, I will use cfdisk command line utility to partition the disk.
My hard drive is /dev/sda. Your hard drive might be identified by the system differently. Run lsblk command to find out what it is for you and replace /dev/sda in this article as required.
To partition /dev/sda with cfdisk, run the following command:
You should see the following window. If your hardware supports UEFI, select gpt. Otherwise select dos. My hardware supports UEFI. So I am selecting gpt.
Once you select a partitioning method, you should see the following window. Here you have to create 3 partitions if you’ve selected gpt, otherwise 2 partitions are enough.
For gpt partition table:
Partition 1 should be EFI System Partition of about 256MB
Partition 2 should be the boot partition of about 512MB
Partition 3 should be the root partition. Give it the rest of the free space.
For dos partition table:
Partition 1 should be the boot partition of about 512MB.
Partition 2 should be the root partition. Give it the rest of the free space.
To create a partition, navigate to [ New ] using the <Left> and <Right> arrow keys and press <Enter>
Now enter the partition size. In my case, the first partition is the EFI partition. So I will give it 256MB. Once you’re done, press <Enter>.
The partition should be created. Now you have to change the filesystem Type to EFI System Partition. To do that navigate to [ Type ] and press <Enter>.
You should see the following window. Select EFI System from the list and press <Enter>.
The partition should be created.
Now I am going to create the 512MB boot partition.
The boot partition should be created.
Now I am going to create the root partition. I will give it the rest of the free space.
All the partitions are created.
Now we are going to write the changes to the disk. To do that navigate to [ Write ] and press <Enter>.
Now type in yes and press <Enter>.
Now navigate to [ Quit ] and press <Enter>. You should be back to the Arch Linux console.
Configuring LUKS Encryption on the Disk
First load the dm-crypt kernel module with the following command:
Now load the dm-mod kernel module with the following command:
Now you can encrypt the root partition (in my case /dev/sda3) with LUKS with the following command:
Now type in YES (must be in uppercase) and press <Enter>.
Now enter a password and press <Enter>.
Re-enter the password and press <Enter>.
The LUKS encryption is complete.
Now open the /dev/sda3 device with the following command, so we can install Arch Linux on it.
Now enter the password you just set earlier and press <Enter>.
The LUKS encrypted disk should now be available at /dev/mapper/luks_root
Formatting and Mounting the Partitions
Now you have to format the partitions.
Run the following command to format the EFI System Partition /dev/sda1:
Run the following command to format the boot partition /dev/sda2:
Run the following command to format the LUKS encrypted root partition /dev/mapper/luks_root:
Now mount /dev/mapper/luks_root in /mnt directory:
Create boot/ directory in /mnt with the following commands:
Now mount /dev/sda2 to boot/:
Now create a boot/efi/ directory in /mnt:
Now mount the EFI System Partition /dev/sda1 to boot/efi/ directory:
Create a 1GB swap file in /mnt with the following command:
Format the swap block file:
Now enable the swap:
Change the swap file permission to the suggested value:
Installing Arch Linux
Run the following command to install Arch Linux:
Press <Enter>.
Press <Enter> again.
Press y and then press <Enter>.
The installation should start and it may take a while to complete.
Once the installation is complete, generate fstab file:
Now chroot into the newly installed Arch Linux:
First set up a root password with the following command:
Now edit /etc/locale.gen:
Remove the # from the beginning of one of the line depending on your language. Then save the file.
Now run the following commands:
Now set your time zone with the following commands:
Set hardware clock:
Now set hostname with the following command:
Edit /etc/hosts:
Add the following lines to /etc/hosts and save the file.
Now edit /etc/default/grub:
Set GRUB_CMDLINE_LINUX=”cryptdevice=/dev/sda3:luks_root” and save the file.
Now edit /etc/mkinitcpio.conf:
In the HOOKS section, add encrypt after block as shown in the marked section of the screenshot below. Then save the file.
Now run the following command to generate initramfs:
Now install GRUB with the following commands:
Now generate GRUB configuration with the following commands:
Now exit out of chroot:
Now reboot your computer:
Booting in to the LUKS Encrypted Arch Linux
Once your computer boots again, you should see the following window. Select Arch Linux and press <Enter>.
You should be prompted for your LUKS encryption password that you set earlier. Type in the password and press <Enter> to continue.
Your Arch Linux should start.
Now you can login into your Arch Linux as you can see in the screenshot below.
That’s how you install Arch Linux with LUKS Encryption. Thanks for reading this article.
