Skip to content

Instantly share code, notes, and snippets.

View stonewalljones's full-sized avatar

Zachary Jones stonewalljones

2 followers · 9 following
View GitHub Profile
@huntrar
huntrar / full-disk-encryption-arch-uefi.md
Last active April 23, 2024 13:38
Arch Linux Full-Disk Encryption Installation Guide [Encrypted Boot, UEFI, NVMe, Evil Maid]

Arch Linux Full-Disk Encryption Installation Guide

This guide provides instructions for an Arch Linux installation featuring full-disk encryption via LVM on LUKS and an encrypted boot partition (GRUB) for UEFI systems.

Following the main installation are further instructions to harden against Evil Maid attacks via UEFI Secure Boot custom key enrollment and self-signed kernel and bootloader.

Preface

You will find most of this information pulled from the Arch Wiki and other resources linked thereof.

Note: The system was installed on an NVMe SSD, substitute /dev/nvme0nX with /dev/sdX or your device as needed.

@ansulev
ansulev / arch-install-dual-encrypted-t480s.sh
Last active March 20, 2023 16:18
Install UEFI Arch Linux dual boot with Windows 10 on Thinkpad T480s. Full encrypted btrfs subvolume inside luks. UEFI and Secure Boot enabled.
# Install Arch Linux dual boot with Windows 10 on Thinkpad T480s. Dec 2018.
# Full encrypted btrfs subvolume inside luks. UEFI and Secure Boot enabled.
# filename: install-arch-linux-on-btrfs-subvolume-inside-luks.txt
# The official guide: https://wiki.archlinux.org/index.php/Installation_Guide
# Last edit: 2021/10/11 (Work in priogress...)
# Shrink Windows partition to make room for the linux.
# Remove BitLocker encryption and Fast Boot. After install can re-enable BitLocker.
# Need to setup again Bitlocker, PIN, Fingerprint (tested on Win10 1803)
@jessfraz
jessfraz / boxstarter.ps1
Last active April 11, 2024 16:02
Boxstarter Commands for a new Windows box.
# Description: Boxstarter Script
# Author: Jess Frazelle <jess@linux.com>
# Last Updated: 2017-09-11
#
# Install boxstarter:
# . { iwr -useb http://boxstarter.org/bootstrapper.ps1 } | iex; get-boxstarter -Force
#
# You might need to set: Set-ExecutionPolicy RemoteSigned
#
# Run this boxstarter by calling the following from an **elevated** command-prompt:
@ansulev
ansulev / install-arch-linux-on-btrfs-subvolume-inside-luks
Last active December 18, 2023 06:45
Install Arch Linux with full encrypted btrfs subvolume inside luks
# Install Arch Linux with full encrypted btrfs subvolume inside luks
# Hardware: BIOS system, Intel GPU, Nvidia Optimus, Toshiba SSD, Wifi
# Please adjust for your needs.
# filename: install-arch-linux-on-btrfs-subvolume-inside-luks.txt
# The official guide: https://wiki.archlinux.org/index.php/Installation_Guide
# Download the archiso image from https://www.archlinux.org/download/
# Copy to a usb-drive
dd bs=4M if=archlinux.iso of=/dev/sdx status=progress oflag=sync # on linux
@netson
netson / psad-and-ufw.md
Last active August 3, 2023 08:22
Using PSAD and UFW
@mattiaslundberg
mattiaslundberg / arch-linux-install
Last active March 29, 2024 08:38
Minimal instructions for installing arch linux on an UEFI system with full system encryption using dm-crypt and luks
# Install ARCH Linux with encrypted file-system and UEFI
# The official installation guide (https://wiki.archlinux.org/index.php/Installation_Guide) contains a more verbose description.
# Download the archiso image from https://www.archlinux.org/
# Copy to a usb-drive
dd if=archlinux.img of=/dev/sdX bs=16M && sync # on linux
# Boot from the usb. If the usb fails to boot, make sure that secure boot is disabled in the BIOS configuration.
# Set swedish keymap