These are my notes for setting up an encrypted LVM-on-LUKS container for my Linux installs. Each install currently needs an unencrypted EFI (/boot/efi) and boot partition (/boot) outside of the encrypted container. Normally, I boot to the install media and use the terminal to open the encrypted container and set all logical volumes active. I then do the install but do not reboot, mount the new install after the installation has finished, and make sure the /etc/crypttab is set up properly. If not, I set it up and then reboot into the new system.
Comments in the code below use the // style prefix so that there is no confusion with the standard # type comments since # is also the default root prompt.Continue reading LVM on LUKS