Need help with raid0 with encryption

support-setup-and-config
(Allen Brooks) #1

Briefly describe your issue below:

I have an MSI GS70 with 2x 256Gb SSDs in RAID0 for my boot device and a 1tb hdd for storage. The raid is hardware defined.

The installation process goes fine when I run the installer (have tried both the GTK installer and standard) with the computer booting in UEFI mode. However, once I boot up, I sit at the Parrot loading screen for a few minutes (never prompted for my encryption phrase, on the attempts I’ve set up encryption) until I’m dropped to a initframfs shell and get a message that parrot–vg-root was not found.

When I try the installer with the computer in Legacy boot mode, the installer always fails on grub installation. I’ve also tried installing lilo instead of grub, but no joy. When I choose the partition to install grub, the screen just turns red and says there was a fatal error. I’ve spent the last few hours trying to chroot onto the boot partition and install grub manually, but the process of mounting and chroot’ing an ecrypted lvm partition is apparently not something I’m capable of.

I have secure boot disabled as recommended in the docs and I’ve used Etcher to generate my bootable USBs.

My preference would be to be able to install Parrot to the raid volume with lvm and encryption in UEFI mode, but I can’t make it work to save my life. Any help would be greatly appreciated. Thanks in advance.

What version of Parrot are you running? (include version, edition, and architecture)
Parrot 4.5.1 Security amd64. I have also tried versions 4.0.1 and 4.2.2 for the sake of thoroughness.

What method did you use to install Parrot? (Debian Standard / Debian GTK / parrot-experimental)
I have used both the Standard and GTK installers.

Configured to multiboot with other systems? (yes / no)
No, all drives are clean.

Image of the initramfs prompt after booting fails in uefi mode: https://drive.google.com/file/d/1lSKfS7cxvD2EhtikQ7iLuxvU0wgidTXm/view?usp=drivesdk

Am I missing something obvious here? Would love some help on this.

(Allen Brooks) #2

Finally figured it out. Hope this helps somebody else in the same position.

My system has 2x 128GB SSDs and 1x 1TB HDD. My goal was to have the 2 SSDs in a RAID0 array with an encrypted logical volume group on top where Parrot lives. The 1TB HDD should be just a data disk.

/dev/sda - 128GB SSD
/dev/sdb - 128GB SSD
/dev/sdc - 1TB HDD

Here are the steps I followed (admittedly, some may be unnecessary):

  1. Install Parrot normally on the HDD normally to use as a base system keeping the default options during installation.
  2. Boot into Parrot from the HDD.
  3. Open a terminal and run sudo parted /dev/sda
  4. Once you’re in the parted menu, run mklabel gpt
    Note: at this point I switched to gparted for the GUI, but feel free to stick with parted if you so choose.
  5. Create 3 partitions on the disc (in this order):
    • 142 MB ext4 with “boot” and “esp” flags
    • 620 MB ext4
    • Remaining free space ext4 with “raid” flag
  6. Copy the partition table to /dev/sdb using sudo sgdisk -R=/dev/sdb /dev/sda
  7. Generate new UUIDs on /dev/sdb using sudo sgdisk -G /dev/sdb
  8. Create the raid array using sudo mdadm --create /dev/md0 --verbose --level=stripe --raid-devices=2 /dev/sda3 /dev/sdb3
  9. Reboot and start the Parrot installation again.
  10. Set your preferences and at the partitioning menu, choose Manual.
    Note: this next part is from memory, so the labels aren’t exact.
  11. Given the flags, both 142 MB partitions on each disk should be recognized as EFI boot partitions, but if not, make those changes.
  12. Use ONE of the 620 MB partitions as a btrfs journaling file system and set the mount point to /boot. The 620 MB partition on the other drive should be set to “Do not use”.
  13. Go to set up Encrypted volumes and set md0 as an encrypted volume and setup your passphrase.
  14. Once the encrypted volume is set up, go to “Set up logical volumes”.
  15. Create a logical volume group on the encrypted volume. I named mine parrot–vg.
  16. Once the volume group is created, you’ll have the option to create a logical volume. Create a logical volume in the volume group you just created. I named mine “root” for simplicity.
  17. Once that’s done, choose that you’re finished creating the logical volumes.
  18. Back in the partition editor menu, choose the volume group you created from the list and edit it so that it is a btrfs file system with a mount point of “/” (the root filesystem).
  19. From here, all the configuration is complete. Click Finish and Continue as many times as they’re offered and you should be able to boot into your Parrot installation on an encrypted SSD raid.
  20. Once you get in, use gparted to reformat the HDD to be one big ext4 filesystem for data.

I’ve been working on this for nearly 8 hours today, so I’m sure those instructions aren’t as accurate as they could be. If they need to be updated, by all means.

Biggest article that helped in the beginning:
https://www.schmidp.com/2014/12/12/full-disk-encryption-with-grub-2-+-luks-+-lvm-+-swraid-on-debian/

(system) closed #3

This topic was automatically closed 60 minutes after the last reply. New replies are no longer allowed.