One of the things that you can start with is a BIOS password.
There is one issue with setting a BIOS password though and that is you will be prompted for your password/passphrase every time your pc boots.
Now all motherboard GUI's are different.
Most motherboards, Asus, MSI, ASRock and Gigabyte come with a manual so if you are not sure how to enter into the BIOS check in your motherboards manual.
***If you can't find your manual look on the motherboard manufacturers website.***
*^^*If you still can't find your manual call the manufacturer of the motherboard.*^^*
On some desktops it's the DEL key. (Pressing it repeatedly at bootup until it goes to the BIOS screen)
When my desktop boots up it's the DEL key for me on my Asus Linux rig.
Once in the BIOS navigate to the "Security Section" OR> Advanced section and look in the Menu where you can set a password. Put your password/passphrase in a safe place.
Save the changes and reboot.
Encryption
Encryption is a good way to protect your Linux box from data loss and theft.
If your PC or device is lost or stolen; access to your emails and your cloud accounts could be easily obtained.
During most Linux installations the installer will prompt you to encrypt your hard drive. This is certainly a help so you don't have to do a lot of reading to find out how to do it manually.
IF you decide to encrypt your drive after your Linux install or if you have had a Linux OS (operating system) running for a while DON"T skip on backing up your data!
Here's a link to a tutorial that teaches how to perform encryption on Ubuntu 20.04.
If the tutorial is hard for you to understand I encourage you to join the Ubuntu Forums online. You'll have to create an account to post a request for assistance.
https://ubuntuforums.org/
As time progress over the next few weeks: I'll be looking into LUKS and other encryption software here:
After a really good discussion with one of my Linux friends I was quickly educated on LUKS.
LUKS stands for Linux Unified Key Setup.
All Linux installs use LUKS by default and dm-crypt is the kernel module used for encrypted devices.
The truth is that when you run LUKS to encrypt your hard drive or any of the partitions on your computer is that it will completely wipe all and any data completely and can not be undone.
After learning more I found out that once the encryption process is complete you would have to perform a fresh installation of any operating system that were once in place.
There is another way to get around it my friend explained and these are the instructions that he gave me to do it.
However, I haven't wrapped my head around it and won't be performing the instructions until I fully understand how to do this.
1. Live-boot from a flash drive.
2. Sync your os files to another location, ie: external drive.
3. Remove partitions on the disk where you want to install and create the encrypted partition setup.
4. Sync your os files from your other location to your new root partition.
5. Edit your /etc/crypttab to setup your unlock device.
6. Edit your /etc/fstab with the correct mapper device so the device name you defined in /etc/crypttab.
7. Unmount your devices and reboot and hope for the best.
At this time I don't have a test machine that I can perform these steps on so there's that. And, I need time to chat with other Linux users and Linux Administrators to get more details to think about encryption before putting it into motion.
Here's the main page for LUKS.
FAQ's About LUKS
https://gitlab.com/cryptsetup/cryptsetup/-/wikis/FrequentlyAskedQuestions
This is a good tutorial that was recommended to me.
https://www.cyberciti.biz/security/howto-linux-hard-disk-encryption-with-luks-cryptsetup-command/
Comments