
Installing LMDE 6 with Disk Encryption, Btrfs Subvolumes Using Live-Installer-Expert-Mode

christiandreschler9


LMDE 6 (Linux Mint Debian Edition) offers a stable platform that combines the reliability of Debian with the user-friendly interface of Linux Mint. This guide provides a clear, step-by-step process for installing LMDE 6 using live-installer-expert-mode.

You will learn how to safeguard your data with disk encryption while efficiently managing your storage with Btrfs subvolumes.



Advantages of Disk Encryption and Btrfs Subvolumes


Implementing disk encryption is vital for protecting your data, especially on portable devices or when handling sensitive information. Many data breaches are due to lost or stolen devices, making encryption a key defense mechanism.


Btrfs is a modern filesystem with advanced features, including snapshots and subvolumes, which enhance data management practices.


By using disk encryption combined with Btrfs subvolumes, you will improve both security and efficiency in your computing environment.


Preparation Steps Before Installation


Getting ready for installation requires a few essential steps.


Hardware Requirements


To run LMDE 6 smoothly, ensure your system meets these basic requirements:


  • Processor: 64-bit processor

  • RAM: Minimum 2 GB (4 GB recommended)

  • Storage: At least 20 GB of available hard drive space

  • USB Drive: Minimum 4 GB to create the installation media


Downloading LMDE 6


  1. Go to the LMDE 6 Download section of the Linux Mint Official website.

  2. Choose your mirror and proceed with the download.


Creating a Live USB


Use software like Rufus (for Windows) or Etcher (for Linux/Mac) to create your bootable USB drive.


  1. Insert your USB drive and launch the chosen software.

  2. Select the LMDE 6 ISO file and choose your USB drive for installation.

  3. Follow the prompts to create the live USB successfully.


Once the live USB is prepared, you can move on to installation.



Booting the System from Live USB


Insert the bootable USB drive into your computer.


Accessing the Boot Menu


  • Restart your computer.

  • Depending on your device, press a key (often F2, F10, F12, or ESC) to access the boot menu.

  • Select the USB drive to boot into the LMDE live environment.


Upon booting successfully, you will see the option to start the installation.


Preparing the disk


Warning:

Please keep in mind that in this guide I’ll be showing a completely fresh install, wiping everything, as this is the safest approach.



1) Choosing the disk device (sdX, nvme0nX)


The first crucial step is to identify the device (physical disk) on which you want to install LMDE 6.


Open your terminal and type:

sudo -i

lsblk

The output is something like this, but it depends on how many disks you have installed in your system.

NAME          MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
sda             8:0    0 233.8G  0 disk  
├─sda1          8:1    0   200M  0 part  
├─sda2          8:2    0   512M  0 part  
└─sda3          8:3    0 233.1G  0 part  

If you have a SATA device, your disk may be identified with /dev/sdXY where:


X is the letter identifying the disk.

The first disk would be identified with a, the second with b, etc...


Y is the partition number of the disk.

The first partition will be identified with 1, the second with 2, etc...


If you have an M.2 SSD, your disk may be identified with /dev/nvme0nXpY where:


X is the number identifying the disk.

The first disk would be identified with 1, the second with 2, etc...


Y is the partition number of the disk.

The first partition will be identified with 1, the second with 2, etc...


In this guide I will assume you have a SATA disk so I will use a device named /dev/sda.


Replace /dev/sda with the device you would like to erase and partition.


Once you have identified the disk, make sure it does not contain anything you need, because we are going to erase ALL the content in the next step.



2) Partitioning the disk


Make sure you have read the previous paragraph before proceeding.

We are going to erase all the content of the disk during partitioning.


Make sure all the data is safe before proceeding.


The partitions we are going to create are as follows:

/dev/sda1: a 200MB EFI partition

/dev/sda2: a 1GB boot partition

/dev/sda3: the encrypted partition

Open your terminal in the LMDE 6 live-session and type:


sudo -i

Open the partitioning tool pointing it to the disk you would like to partition.

In this guide I will use /dev/sda:


gdisk /dev/sda

Instead of gdisk, you can use any other partitioning tool you're familiar with.



  • Press o to erase the disk and create a new GUID partitioning scheme (GPT).


  • Press n and hit enter repeatedly until asked for “last sector”,

    then type:

+200M

    and hit enter. When asked for the hex code, enter:

ef00

    This will be the ESP (UEFI partition).


  • Repeat the previous step, but this time type:

+1G

    and use the hex code:

8300

    This will be the boot partition.


  • Now we finally create the big partition for dm-crypt (LUKS).

    Type:

n

    and hit enter until you can choose a hex code.

    Type:

8309

    and hit enter.


  • Finally, enter:

w

    to write the changes.


  • This will wipe everything, so confirm at your own discretion.
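
A scripted take on steps 1 and 2, as an added example that is not part of the original guide: it refuses a target that is not an idle whole disk, derives partition names for both SATA and NVMe devices, and prints the sgdisk commands (sgdisk is the non-interactive tool from the gdisk package) for the layout above. The function names and the lsblk samples are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original guide.

# Partition node for disk $1, partition $2: /dev/sda,3 -> /dev/sda3 but
# /dev/nvme0n1,3 -> /dev/nvme0n1p3 (a "p" follows a disk name ending in a digit).
part_path() {
    case "$1" in
        *[0-9]) printf '%sp%s\n' "$1" "$2" ;;
        *)      printf '%s%s\n' "$1" "$2" ;;
    esac
}

# stdin: output of  lsblk -P -o NAME,TYPE,MOUNTPOINT "$disk"
# Succeeds only if line 1 is a whole disk and nothing on it is mounted,
# which rules out the live USB and any disk currently in use.
disk_is_idle() {
    awk 'NR == 1 && !/TYPE="disk"/ { bad = 1 }
         !/MOUNTPOINT=""/          { bad = 1 }
         END { exit (bad || NR == 0) }'
}

# Prints (does not run) the sgdisk calls matching the guide's layout:
# new GPT, 200M ESP (ef00), 1G /boot (8300), remainder for LUKS (8309).
sgdisk_plan() {
    printf 'sgdisk -o %s\n' "$1"
    printf 'sgdisk -n 1:0:+200M -t 1:ef00 -n 2:0:+1G -t 2:8300 -n 3:0:0 -t 3:8309 %s\n' "$1"
}

# Constructed lsblk samples: an unused target disk and a mounted live USB.
IDLE_SAMPLE='NAME="sda" TYPE="disk" MOUNTPOINT=""
NAME="sda1" TYPE="part" MOUNTPOINT=""'
BUSY_SAMPLE='NAME="sdb" TYPE="disk" MOUNTPOINT=""
NAME="sdb1" TYPE="part" MOUNTPOINT="/run/live/medium"'

# Demo on the constructed samples; on a real system pipe in lsblk output.
if printf '%s\n' "$IDLE_SAMPLE" | disk_is_idle; then
    sgdisk_plan /dev/sda
    echo "LUKS partition: $(part_path /dev/sda 3)"
fi
printf '%s\n' "$BUSY_SAMPLE" | disk_is_idle || echo "sdb: in use, refusing"
```

Review the printed commands before running them; they are as destructive as the interactive session.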



3) Formatting the partitions


Format the UEFI partition by typing:

mkfs.vfat -c -F32 -n ESP /dev/sda1 

Format the boot partition by typing:

mkfs.ext4 -L boot /dev/sda2  

Format the encrypted partition by typing:

cryptsetup luksFormat /dev/sda3

Now type YES to confirm the operation.


Enter your new passphrase twice.


Then unlock the encrypted partition and mount all the partitions by following the steps listed in the next paragraph.



4) Creating btrfs subvolumes and mounting the partitions BEFORE the installation

In the terminal, with sudo privileges, type the following commands in sequence.

Lines starting with '#' are comments only.

# Opens the encrypted partition, calling the device "btrfs"
cryptsetup open /dev/sda3 btrfs

# Formats the encrypted device with the btrfs filesystem
mkfs.btrfs /dev/mapper/btrfs

# Mounts the btrfs partition to /mnt
mount /dev/mapper/btrfs /mnt

# Creates the @ subvolume (root)
btrfs subvolume create /mnt/@

# Creates the @home subvolume (home)
btrfs subvolume create /mnt/@home

# unmount the /mnt partition
umount /mnt

# mounts subvolumes and partitions before the LMDE 6 installation

# creates the installation mountpoint on /target
# this is required by the 'live installer'
mkdir -p /target

# mount the @ (root) subvolume to /target
mount /dev/mapper/btrfs -o subvol=@,compress=zstd /target

# creates the home directory in /target/home
mkdir -p /target/home

# mounts the home subvolume to /target/home
mount /dev/mapper/btrfs -o subvol=@home,compress=zstd /target/home

# creates the boot mountpoint directory in /target/boot
mkdir -p /target/boot

# mounts the boot partition to /target/boot
mount /dev/sda2 /target/boot

# creates the boot/efi directory in /target
mkdir -p /target/boot/efi

# mounts the EFI partition to /target/boot/efi
mount /dev/sda1 /target/boot/efi


5) Installing the system


In the terminal, with root privileges, type:

live-installer-expert-mode

The LMDE installer will show up.


  • Choose to install the GRUB boot menu on /dev/sda

    (or to the installation device you chose)


  • Click "next", verify everything is correct, and proceed to install the system.


  • After the main installation is complete, you’ll get an “Installation Paused” screen.


  • Hit OK and read the instructions.

    DO NOT CLOSE the installer.


  • Make sure you have an internet connection and, in the terminal (always with sudo privileges), type:

apt update

apt install arch-install-scripts


  • When the above package is installed, we need to 'automagically' create the /etc/fstab file in the target installation directory by typing in the terminal:

genfstab -U /target > /target/etc/fstab


  • Now we need to edit the /target/etc/crypttab file, which allows us to open the encrypted partition at boot.

    First type:

lsblk -o +label,fstype,UUID


  • Copy the UUID next to the partition with the FSTYPE "crypto_LUKS".


  • Open the crypttab file by typing:

nano /target/etc/crypttab


  • Add the following line to /target/etc/crypttab:

btrfs    UUID=xxxxxxxxxx    none

    Paste the UUID you copied before in place of xxxxxxxxxx.


  • Press ctrl+s and then ctrl+x to save and exit.


  • Go back to the installer, and hit next.

    This will finish the installation.


  • When asked to reboot, say yes.


If everything is working correctly, during the boot phase you will be asked to enter the passphrase of the encrypted disk.


If not, you did something wrong; repeat the installation.
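
A common reason for not getting the passphrase prompt is pasting the wrong UUID into crypttab: once the volume is open, lsblk shows one UUID for the LUKS container and another for the btrfs filesystem inside it. The following added example (not part of the original guide; function names and sample UUIDs are constructed) builds the crypttab line from lsblk output and checks an existing file against the container UUID.

```shell
#!/bin/sh
# Added example, not part of the original guide.

# Constructed sample of:  lsblk -P -o NAME,FSTYPE,UUID /dev/sda
# (UUIDs are made up). Note the two UUIDs around the encrypted volume:
# the LUKS container on sda3 and the btrfs filesystem inside the mapping.
SAMPLE_LSBLK='NAME="sda" FSTYPE="" UUID=""
NAME="sda1" FSTYPE="vfat" UUID="1A2B-3C4D"
NAME="sda2" FSTYPE="ext4" UUID="11111111-2222-3333-4444-555555555555"
NAME="sda3" FSTYPE="crypto_LUKS" UUID="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
NAME="btrfs" FSTYPE="btrfs" UUID="99999999-8888-7777-6666-555555555555"'

# stdin: lsblk -P output. Prints the UUID of the LUKS container and fails
# unless exactly one crypto_LUKS device is present.
luks_uuid() {
    awk '/FSTYPE="crypto_LUKS"/ && match($0, / UUID="[^"]+"/) {
             uuid = substr($0, RSTART + 7, RLENGTH - 8); n++
         }
         END { if (n != 1) exit 1; print uuid }'
}

# $1 = mapping name (the guide uses "btrfs"); stdin: lsblk -P output.
# Prints the crypttab entry in the same three-field form as the guide.
crypttab_line() {
    uuid=$(luks_uuid) || {
        echo "need exactly one crypto_LUKS device" >&2
        return 1
    }
    printf '%s    UUID=%s    none\n' "$1" "$uuid"
}

# $1 = crypttab file; stdin: lsblk -P output. Succeeds only if the file
# references the LUKS container UUID rather than the inner filesystem UUID.
crypttab_matches() {
    uuid=$(luks_uuid) || return 1
    grep -Eq "^[^#[:space:]]+[[:space:]]+UUID=$uuid([[:space:]]|\$)" "$1"
}

# Demo on the constructed sample.
printf '%s\n' "$SAMPLE_LSBLK" | crypttab_line btrfs
```

During the paused installer step, the real input would be `lsblk -P -o NAME,FSTYPE,UUID /dev/sda` and the file to check would be /target/etc/crypttab.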
