Install Ubuntu 15.04 with full disk encryption, but without swap partition

The ubuntu installer (ubiquity) is quite limited in this regard. So we need to do it manually instead of the installer.

So when you run the Live CD/USB, choose "Try ubuntu", and launch gparted to partition your drive.

You need to make an ESP (sda1) (if you use EFI+GPT), a boot partition (256MB for example, sda2), another partition (for example, sda3) that will hold the crypted container called LUKS.

Then open a terminal (ctrl-alt-t)

Setup LUKS device

sudo cryptsetup --key-size 512 luksFormat /dev/sda3
sudo cryptsetup luksOpen /dev/sda3 crypted

Setup LVM on LUKS

If you don't want to use multiple partition, you can skip the following paragraph and avoid LVM. In that case, use /dev/mapper/crypted as you root latter on instead

sudo pvcreate  /dev/mapper/crypted
sudo vgcreate vg /dev/mapper/crypted
sudo lvcreate -L 15G vg -n root
sudo lvcreate -l 100%FREE vg -n home

Installation

Keep the terminal opened and now run the installation. Choose "Something else" when partitioning and specify

• your boot partition (/dev/sda2)
• your root partition (/dev/mapper/vg-root)
• your home partition (/dev/mapper/vg-home)
• any other needed partition...
• and check the checkbox to format your partitions

At the end of the installation, don't reboot but just click "Continue trying ubuntu"

Post-install

In our opened terminal:

Create /etc/crypttab to add crypted partition

sudo mount /dev/mapper/vg-root /mnt
echo "crypted UUID=`blkid -o value /dev/sda3|head -1` none luks" | sudo tee /mnt/etc/crypttab
sudo umount /mnt

That's it ! Reboot now.