Hey all,

I decided I would reinstall Kali 1.08 and go for an encrypted install as I'm sure some of us have considered. Catch was, this only supported the install if I used the entire disk. As I dual boot with Windows I needed another way.

The end result we are working towards is a dual boot Windows (I'm on 8.1) and Kali 1.08 where Kali is installed on an encrypted LVM.

Backup your drive before proceeding, it's easy to nuke anything while messing with partitions

My setup is provided below so others know it should work for them if they are similar, please post your experiences.

Laptop:
250gb SSD
EFI boot Windows 8.1
EFI boot Kali 1.07

What we will end up with is:
EFI boot Windows 8.1
EFI boot Kali 1.08 on an encrypted volume which contains a Logical Volume Group with '/' and 'swap' as separate Logical Volumes within it. This means our '/' and 'swap' are encrypted at boot time. /boot will be on a separate unencrypted partition.

Note
As mentioned above, /boot is mounted on a separate partition and is not encrypted. I am not an expect on the (if any) security implications of this setup. Please post if you have insight into this setup. From what I have seen, this is the same scenario generated by the Kali installer automatically if the entire disk is encrypted.

Note
Throughout, I will be working with a value of 95GB of free space. Adjust for your actual free space

Note (Applicable for EFI installers)
You need to be connected to the internet for this install. I found this out the hard way. While the 1.08 USB is EFI enabled, it does not include the .debs for grub-efi. Someone could determine all the .debs and dependencies required and place them within the thumb drive at /pool/main/ but it's easier to connect to the net.

I said it before and I'll say it again, backup your drive before you get started.

Overview
This covers:

a. Deleting the partitions from the old Kali install and leaving free space
b. Creating a Ext2 partition and setting the '/boot/' mount point
c. Creating an Encrypted Volume
d. Creating a Volume Group within the Encrypted Volume
e. Creating a Logical Volume within the Volume Group and setting the '/' mount point
f. Creating a second Logical Volume within the Volume Group and setting the 'swap' flag

Instructions
1. Create an EFI(for EFI users) bootable Kali 1.08 install thumb drive. Follow the instructions on the Kali website (download iso and use dd to image it onto a usb drive)
2. Boot from the thumb drive (in EFI mode as required) and select the 'Install' option from the menu. Do not enter live mode as I've read a bug exists which won't allow the system to boot after install. I haven't tested it myself.
3. Install as usual until you reach the 'Partition Disks' screen. On this screen select 'Manual' as the partitioning method

Below is similar to what I see on this screen. I have one hard drive in my laptop with Windows 8.1 installed at the start of the drive



SCSI2 (0,0,0) (sda) - 256 GB ATA Sandisk
1.0 MB FREE SPACE
#1 629 MB B K EFI Boot EFI Systems Information
512 B FREE SPACE
#2 160GB NTFS Windows Partition
903KB FREE SPACE
#3 91GB EXT4 /
#4 4GB SWAP Linux Swap


What we need to do is remove our old Kali Linux so we have the free space at the end of the drive for our encrypted volume.

1. Select the EXT4 partition for / and then choose delete this partition
2. Select the SWAP partition for Linux Swap and choose delete this partition
3. You should now have something similar to that below


SCSI2 (0,0,0) (sda) - 256 GB ATA Sandisk
1.0 MB FREE SPACE
#1 629 MB B K EFI Boot EFI Systems Information
512 B FREE SPACE
#2 160GB NTFS Windows Partition
95GB FREE SPACE


Creating the /boot partition

1. Select the 95GB of free space and press return
2. Create new partition
3. Enter 256MB as the partition size
4. Select Beginning at the start of the partition
5. On the new screen, select 'Use As' and then choose EXT2
6. Select 'Mount Point' and then choose '/boot'
7. Select 'Done setting up the partition'

Creating the Encrypted Volume
The encrypted volume will take up the remainder of the free space

1. At the top of the 'Partition Disks' main screen, select 'Configure encrypted volumes'
2. Select yes to write changes to disk
3. Select 'Create encrypted volume'
4. Select the remaining free space on the drive. For me, it read:

/dev/sda FREE #4

and had 94743MB available which is the 95GB starting size - /boot

5. Select 'Done setting up the partition
6. Write changes to disk
7. Select 'Finish'
8. Select 'Yes' to erase the partition

Note
This erase will take a long time. You can select cancel and proceed immediately but it will not blank out your drive with random data. I guess it depends on how large a tin foil hat you wear. Don't be surprised if it takes 6 hours.

9. Once the erase is finished, set the boot time pass-phrase. You will need to enter this pass-phrase each time you boot. It is separate from your root password.

Creating a Volume Group

1. From the main Partition Disk screen, select 'Configure the Logical Volume Manager'
2. Confirm the write changes to disk
3. Select 'Create Volume Group'
4. Name the volume group 'Kali'
5. Select the encrypted volume which was created previously. It should read similar to:

/dev/mapper/sda4_crypt

and can be recognised by the partition size of our 95GB - /boot


6. Select 'Yes' to configure LVM

Creating Logical Volumes
a. The / or 'root' partition

1. Select 'Create Logical Volume' from the 'Summary of current LVM' screen
2. Select the Kali volume group
3. Use 'root' as the name of the new logical volume

Note
For the size of the root partition, you will need to take the total size available and subtract the size of swap. Swap is normally == to your RAM (and in some cases double). I'm using 4GB RAM so working with a 4GB Swap

4. Assuming the total available space is 94736MB, subtract the 4096MB (4GB) of swap and this leaves 90640MB for the root partition
5. Enter 90640MB (or your calculated partition size) and press return

b. The 'Swap' partition

1. Select 'Create Logical Volume'
2. Select the Kali volume group
3. Enter the name 'swap' for this partition
4. The size listed will be the available size. Should be 4096MB or the size you calculated previously. Press return to accept
5. Select Finish

Setting Mount Points

a. Setting / 'root'

1. Select the Logical Volume created for the root partition. The name should be similar to that below. You will need to click on the #1 under this name

LVM VG KALI, LV ROOT

2. Select 'Use as'
3. Select 'EXT4 Journalling File System'
4. Select 'Mount point'
5. Select '/ - The root of the file system'
6. Select 'Done setting up this partition'

b. Setting 'swap'

1. Select the #1 under 'LVM VG KALI, LV SWAP'
2. Select 'Use as'
3. Select 'Swap Area'
4. Select 'Done setting up this partition'

Finishing up

1. At the bottom of the Partition Disks screen, select 'Finish partitioning and write changes to disk'
2. Confirm the write changes to disk
3. The install will take place. Complete the install as normal (ie. configuring network mirrors
4. When the system restarts, you will be prompted for the pass-phrase you set while creating the encrypted volume

Oh no!, where has my Windows partition gone from Grub?!
Windows may not have made it into the grub loader just yet. When you boot into kali, open terminal and run 'update-grub' and then restart. It should be back.

Dont work for me.
After install it loads Windows only no GRUB menu. Only way to get to Kali is booting through Windows 8 special boot menu.
Even then I get black screen no flashing cursor. Also saw in BIOS under EFI hard drives I see two debian options. None work.

Thanks for the great guide! Do you know if there's a way to set it up so grub is separated from the Windows Boot Manager?

Thanks for the great guide! Do you know if there's a way to set it up so grub is separated from the Windows Boot Manager?

Sorry, that's not something I know how (or have ever looked at) doing. I could see it getting annoying having to boot windows, select Linux and then boot from the grub menu anyway.

Sorry, that's not something I know how (or have ever looked at) doing. I could see it getting annoying having to boot windows, select Linux and then boot from the grub menu anyway.

Ah, I just took a look at your name and realized who it was!

Thanks for you contributions to this forum. Regarding the nVidia thread, I'll try to reply to that sometime tomorrow -- I completely botched my Kali setup and haven't re-installed it yet.

Regarding what we're talking about now, I previously used this thread to install version 1.0.7 using EFI:
https://forums.kali.org/showthread.php?271-How-to-EFI-install-Kali-Linux

The way it was set up allowed me to have Kali Linux as its own boot option in BIOS.

Just heads up, this does not work correctly, after GRUB you get stuck on black screen. Looks like UEFI entry incorrect when installing /boot partition.
If you use refind as bootloader it lists Kali as a different entry then the Debian EFI entry and works fine.

Just heads up, this does not work correctly, after GRUB you get stuck on black screen. Looks like UEFI entry incorrect when installing /boot partition.
If you use refind as bootloader it lists Kali as a different entry then the Debian EFI entry and works fine.

Hi there,

I'm sorry to hear it didn't work for you. I'm interested in your set up to see if we can resolve it for anyone else who may be experiencing it.

I say set up because you also posted in my nvidia thread that you were having issues installing bumblebee with similar no booting black screen issues. Did you follow both and have black screen on end up with black no booting as a result of both guides?

Do you have one hard drive or two? (for example, is windows and the efi boot partition on sda and the Kali install and as a result, encrypted volume and /boot on sdb?

Would you please post this screen from either the graphical install or live mode. You won't need to make changes to disk to reach it.

http://forum.linuxbsdos.com/uploads/upload-1ef92236-c241-4d2a-8d27-144ee08aafcd.png

Hi there,

I'm sorry to hear it didn't work for you. I'm interested in your set up to see if we can resolve it for anyone else who may be experiencing it.

I say set up because you also posted in my nvidia thread that you were having issues installing bumblebee with similar no booting black screen issues. Did you follow both and have black screen on end up with black no booting as a result of both guides?

Do you have one hard drive or two? (for example, is windows and the efi boot partition on sda and the Kali install and as a result, encrypted volume and /boot on sdb?

Would you please post this screen from either the graphical install or live mode. You won't need to make changes to disk to reach it.

http://forum.linuxbsdos.com/uploads/upload-1ef92236-c241-4d2a-8d27-144ee08aafcd.png

Hi

I did clean install after bumblebee as I messed windows install also.
Same thing happens, I currently got SSD with Win 8.1 and SSD with EFI System, NTFS, /boot and encrypted lvm.
If I use refit then it shows extra Linux entry on /boot that works. Grub only loads Windows so I just installed Refid as my default bootloader.

What is the output of

[ -d /sys/firmware/efi ] && echo "1" || echo "0"

from within kali?

THANK YOU!!!

I have been attempting to dual boot windows 8.1 and kali for a week, but kept getting failure notices for loading grub2. I pulled from your postings and it is working!
Creating the /boot partition

1. Select the 95GB of free space and press return
2. Create new partition
3. Enter 256MB as the partition size
4. Select Beginning at the start of the partition
5. On the new screen, select 'Use As' and then choose EXT2
6. Select 'Mount Point' and then choose '/boot'
7. Select 'Done setting up the partition'

What is the output of

[ -d /sys/firmware/efi ] && echo "1" || echo "0"

from within kali?

Thanks but its solved now. Instead of messing around Im using refind and it works.

THANK YOU!!!

I have been attempting to dual boot windows 8.1 and kali for a week, but kept getting failure notices for loading grub2. I pulled from your postings and it is working!
Creating the /boot partition

1. Select the 95GB of free space and press return
2. Create new partition
3. Enter 256MB as the partition size
4. Select Beginning at the start of the partition
5. On the new screen, select 'Use As' and then choose EXT2
6. Select 'Mount Point' and then choose '/boot'
7. Select 'Done setting up the partition'

You're Welcome. I'm glad it worked for you.

Sorry, that's not something I know how (or have ever looked at) doing. I could see it getting annoying having to boot windows, select Linux and then boot from the grub menu anyway.

Thanks again for your guide, finally got it working.

Here's the end result

https://i.imgur.com/bbhFcMK.jpg

Thanks again for your guide, finally got it working.

Here's the end result

https://i.imgur.com/bbhFcMK.jpg

Hi Rarity,

Edit: Never-mind, I remembered that you wanted it separate from windows boot manager!

Good work, if you get a chance, would you post how you did it for others in the same boat?

Hi Rarity,

Edit: Never-mind, I remembered that you wanted it separate from windows boot manager!

Good work, if you get a chance, would you post how you did it for others in the same boat?

I'm actually a bit embaressed by how long it took me to figure it out haha, but all you have to do is make sure you create a 256 MB EFI Boot Partition before creating the 256 MB /boot partition!

i cant seem manually set the kali partiion for encryption for dualboot . i can get dualboot if i dont use encryption.. my os's is win7 kali 1.0.9 toshiba p75-a7200.

i cant seem manually set the kali partiion for encryption for dualboot . i can get dualboot if i dont use encryption.. my os's is win7 kali 1.0.9 toshiba p75-a7200.

In simple terms, the order you need to follow is:

1. Have windows installed and booting in EFI mode
2. Have free space (unpartitioned) which will become kali
3. create a 256mb partition which is ext2 and set the mount point as /boot
4. Created an encrypted volume, this will use the remaining free space.
5. create a logical volume group, this will be made on top of the encrypted volume (when selected a location for the volume group, select the crypt partition)
6. create a logical volume within the volume group, call it kali_root and make it the partition size minus 4096mb. Set the mount point as '/' and the file system as ext4
7. create a logical volume on the remaining 4096MB. Set the 'use as' to linux swap.
8. finish the install and then it will automatically reboot and prompt for the password set when creating the encrypted volume.

I've made an image that tries to show you what the layout is aiming to achieve. Look at how the volume group and logical volumes exist on top of the encrypted volume. As expected, you can't make the logical volume prior to the encrypted volume as it has no where to exist.

374