Adding new partitions to Full-Disk-Encrypted Ubuntu Studio 24.04.3 LTS Install

Ubuntu Support Template

Ubuntu Version: 24.04.3 LTS (New Install)

Desktop Environment (if applicable): KDE Plasma (on Dell laptop)

Problem Description: New bare-metal install with Full Disk Encryption (LVM). Want to add a second physical HDD with two partitions, one for Windows, preferably dual-boot. Most technical info which I’ve found by searching is several OS generations old.

Relevant System Information: Dell Inspiron 3593 laptop w/ 128 GB SSD + 1 TB HDD

Screenshots or Error Messages:

For multi-line text or logs, wrap them in triple backticks like this or highlight the text and use </> in the composer:

sudo dmesg | tail -20

What I’ve Tried:
List the solutions or workarounds you’ve already attempted.

Before Posting:
Please check if similar issues have already been reported and resolved.

See the “Start here” guide:

Good morning. I’ve been using Ubuntu for several years now, off and on, but I’m moving to it as my main platform and I’m just getting started with encrypted system drives and partitions.

I’m re-purposing a laptop which formerly belonged to my late father and which ran Windows 11. It had a kind of manufacturer-specific RAID system installed which joined the 128GB SSD and the 1 TB physical HDD. In the new OS installation, I wanted to keep the system and software files on the faster SSD but I wanted to offload the actual data files to the HDD. And I’d like to keep everything encrypted to where I only have to remember one (very complex) encryption key. Plus, if possible, I’d like to retain a 128 GB partition on the HDD to install some flavor of Windows for a few pieces of productivity software which don’t work or play well under Linux. Bonus points if that can be encrypted as well.

I already have a successful Ubuntu 24.04.3 LTS installation on the SSD with full-disk LVM encryption and three partitions; a BIOS partition, a boot partition, and the main system partition. Now I’m wanting to encrypt the HDD, partition it, and add it into the system so that it can be accessed when I enter my disk encryption password and, preferably, mount it as /home (unless someone has a better method for allocating the user data). And then I’d like to format and install Windows on the rump partition.

I have been searching for information on this for nearly a week now, but what I’ve found is largely out of date (going back to 14.04!) or doesn’t cover all facets of my specific situation. I’m asking here because I’d rather do it right than do it over. Thanks for any help.

Is the SSD you refer where you now have Ubuntu installed a GPT disk? You mention having a BIOS partition (BIOS-boot?) which would indicate a GPT drive with a legacy/csm isntall. If the drive is in fact GPT and you have a legacy install of Ubuntu it will not boot windows as windows is required to be installed in UEFI mode on a GPT drive. Of course, the windows bootloader won’t boot Ubuntu either. You could show this info with the command: sudo parted -l

I’m not sure I understand but it seems you want to use either Linux encryption or windows encryption for the full drive with both OS’s, is that it?

In a hurry, but here’s the output from parted-l:

sudo parted -l
Model: ATA WDC WD10SPZX-75Z (scsi)
Disk /dev/sda: 1000GB
Sector size (logical/physical): 512B/4096B
Partition Table: gpt
Disk Flags: 

Number  Start   End     Size    File system  Name                          Flags
 1      1049kB  135MB   134MB                Microsoft reserved partition  msftres, no_automount
 3      135MB   1262MB  1127MB  fat32                                      boot, esp
 2      1262MB  1000GB  999GB   ext4


Model: Linux device-mapper (linear) (dm)
Disk /dev/mapper/ubuntu--vg-ubuntu--lv: 125GB
Sector size (logical/physical): 512B/512B
Partition Table: loop
Disk Flags: 

Number  Start  End    Size   File system  Flags
 1      0.00B  125GB  125GB  ext4


Error: /dev/mapper/dm_crypt-0: unrecognised disk label
Model: Linux device-mapper (crypt) (dm)                                   
Disk /dev/mapper/dm_crypt-0: 125GB
Sector size (logical/physical): 512B/512B
Partition Table: unknown
Disk Flags: 

Model: KBG40ZNS128G NVMe KIOXIA 128GB (nvme)
Disk /dev/nvme0n1: 128GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags: 

Number  Start   End     Size    File system  Name  Flags
 1      1049kB  1128MB  1127MB  fat32              boot, esp
 2      1128MB  3276MB  2147MB  ext4
 3      3276MB  128GB   125GB

Back before too much longer.

Is the SSD you> refer where you now have Ubuntu installed a GPT disk? You mention having a BIOS partition (BIOS-boot?) which would indicate a GPT drive with a legacy/csm isntall. If the drive is in fact GPT and you have a legacy install of Ubuntu it will not boot windows as windows is required to be installed in UEFI mode on a GPT drive. Of course, the windows bootloader won’t boot Ubuntu either. You could show this info with the command: sudo parted -l

See post above. Ubuntu is installed, and working, on the SSD. But I need additional space, and I’d like to have it encrypted with as transparent an access as possible.

I’m not sure I understand but it seems you want to use either Linux encryption or windows encryption for the full drive with both OS’s, is that it?

I’d like to add at least the Linux partition to the existing LVM for the encrypted SSD, opening with the same password at boot-up. Ideally I’d like to have a 128 GB Windows partition which is protected by the same encryption, but if that’s not readily do-able then Windows can stand on its own (in a separate partition, of course).

I’ve never used LVM or encryption but as I understand it, an encrypted install with LVM uses the entire disk so I don’t believe you can create any space on those drives for a windows isntall. The link below discusses it so you might look for additional sources to confirm as I’m not really familiar with it.

https://superuser.com/questions/1389435/encrypted-lvm-in-debian-install-is-whole-disk-encrypted