I want to test the new options in Cryptsetup aimed at using the hardware encryption of Self Encypting Drives:
# cryptsetup luksFormat --hw-opal-only /dev/sd*
I understand is not an option supported in the installer.
What would be the best way to achieve this?
Not sure if you have seen and read this yet: https://alexdelorenzo.dev/articles/cryptsetup-luks-self-encrypting-drives#how-to-use-hardware-encryption-with-cryptsetup
I have seen that. It covers how to set up the encryption. Similar intrusctions can be found in the Arch wiki. This is part of what I want to do, because I want to add the TPM unlocking.
My question is more focused on how to achieve this on Ubuntu (if possible) since we cannot access the command line from the installer.
AFAIK Fedora has added this option in their last iteration.
Untested, but there’s poetentially one roundabout way: install a flavor that uses the Calamares installer (like Lubuntu), as the command line is indeed accessible. Then you could install ubuntu-desktop and uninstall $flavor-desktop.
Nice idea, although a little convoluted. Let’s see if there is any other alternative.
I tried this yesterday on 25.04 Ubuntu not Xubuntu, and it failed.
Actuality it failed on both, by failed I’m saying it froze the whole installer.
Our installer is under some intense changes currently.
How did you try it with the Ubuntu installer? How do you get into the command line?
by pressing Ctrl + Alt + F2 during the installation.
Also wasted more time on debootstrap manual partitioning and format.
BTW I’m told by a Developer The drive your going to install to, has to be mounted to the Motherboard, USB mounted drives wont work.