We will install archlinux with LVM on LUKS encryption (UEFI), via ssh. This is for advanced users. If you just want to install archlinux, look elsewhere.
Download the ISO and burn it to your USB key like so:
dd bs=4M if=/path/to/archlinux.iso of=/dev/sdx && syncSet the keyboard layout. In my case, it’s Belgian AZERTY (/usr/share/kbd/rubfhaps/i386/azerty/be-latin1.map.gz)
loadkeys be-latin1Verify if you are booted in UEFI mode (is this directory populated?)
ls /sys/firmware/efi/efivars
Clean up your disk data (warning: this will take hours)
shred --verbose --random-source=/dev/urandom --iterations=3 /dev/sdaConnect to the internet
wifi-menuTest internet connection and name resolution
ping dthlabs.comSet root pwd for ssh install
passwdEdit /etc/ssh/sshd_config and set PermitRootLogin to yes, if it isn’t. This will not affect the final install.
vi /etc/ssh/sshd_configStart sshd. After that you can finish the installation remotely (use ip a to get LAN IP)
systemctl start sshdCheck your disks and partitions
lsblkSetup your partitions with fdisk
fdisk /dev/sdaSo it looks like that (type g in fdisk if needed, to create a new empty GPT partition table)
Device Start End Sectors Size Type
/dev/sda1 2048 309247 307200 150M EFI System
/dev/sda2 309248 821247 512000 250M Linux filesystem
/dev/sda3 821248 500118158 499296911 238.1G Linux filesystem
Format the EFI partition
mkfs.vfat -F32 /dev/sda1Format the boot partition
mkfs.ext2 /dev/sda2Format the root partition
mkfs.ext4 /dev/sda3Set password and encrypt root partition
cryptsetup luksFormat -c aes-xts-plain64 -s 512 /dev/sda3Open root partition
cryptsetup open --type luks /dev/sda3 rootCreate physical volume
pvcreate /dev/mapper/rootCheck the physical volume
pvdisplayCreate volume group
vgcreate krisiunvg /dev/mapper/rootCheck the volume group
vgdisplayCreate logical volume using almost the entire HD
lvcreate --name krisiunlv --size 230G krisiunvgNow create another logical volume to hold swap
lvcreate -l +100%FREE krisiunvg -n swaplvAnd check the logical volumes
lvdisplayFormat the encrypted root logical volume
mkfs.ext4 /dev/mapper/krisiunvg-krisiunlvFormat the encrypted swap logical volume
mkswap /dev/mapper/krisiunvg-swaplvEnable swap
swapon /dev/mapper/krisiunvg-swaplvMount root to /mnt
mount /dev/mapper/krisiunvg-krisiunlv /mntMount /boot
mkdir -p /mnt/boot && mount /dev/sda2 /mnt/bootMount /boot/efi
mkdir -p /mnt/boot/efi && mount /dev/sda1 /mnt/boot/efiInstall system
pacstrap /mnt base base-devel grub-efi-x86_64 vim git efibootmgr dialog iw wpa_supplicant openssh firefox flashplugin Generate fstab
genfstab -pU /mnt >> /mnt/etc/fstabTo use /tmp as ramdisk, edit /mnt/etc/fstab and add:
tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0chroot to the new system using bash shell
arch-chroot /mnt /bin/bashSet hostname
echo krisiun > /etc/hostnameSet the timezone
ln -s /usr/share/zoneinfo/Europe/Brussels /etc/localtimeAdjust hardware clock
hwclock --systohc --utcSet locales
echo LANG=en_US.UTF-8 >> /etc/locale.conf
echo LANGUAGE=en_US >> /etc/locale.conf
echo LC_ALL=C >> /etc/locale.conf
Set /etc/vconsole.conf
KEYMAP="be-latin1"
FONT="lat0-16"
Edit /etc/mkinitcpio.conf, add keymap keyboard encrypt lvm2 in HOOKS and ext4 in MODULES
MODULES="ext4"
[...]
HOOKS="... keymap keyboard encrypt lvm2 filesystems ..."
Now run:
mkinitcpio -p linuxChoose root password
passwdCreate an user
useradd -m -g users -G wheel,storage,network,sys,lp,scanner,audio,video,power [username] && passwd [username]
With visudo, give privileges to your user
[username] ALL=(ALL) ALLInstall boot loader
pacman -S grub efibootmgr os-proberEdit /etc/default/grub and add:
GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda3:krisiunlv"
GRUB_ENABLE_CRYPTODISK=y
Run grub-install
grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=grub --recheckRun grub-mkconfig (you might get some lvmetad warnings, just ignore for now)
grub-mkconfig -o /boot/grub/grub.cfgInstall sound
pacman -S alsa-utils alsa-oss alsa-plugins pulseaudioExit chroot
exitAnd reboot
shutdown -r now
