Arch Linux EFI installation (i3 & disk encryption)
Create a bootable USB stick
- Download the ISO at https://archlinux.org/download/.
- Verify the integrity of the ISO using a checksum.
- Burn the ISO to a USB Stick.
dd bs=4M if=path/to/archlinux-version-x86_64.iso of=/dev/sdx conv=fsync oflag=direct status=progress
- Enable UEFI & Disable SecureBoot
Installation
Keyboard & fonts
Setup the keymap :
root@archiso ~ # localectl list-keymaps | grep fr
fr
fr_CH
fr_CH-latin1
...
root@archiso ~ # loadkeys fr
Zoom the font (optional) :
root@archiso ~ # setfont ter-120n
Wifi connection
Connect to wifi (you can skip this step if you are using an internet cable) :
root@archiso ~ # iwctl
[iwd]# device list
Devices
Name
wlan0
[iwd]# station wlan0 scan
[iwd]# station wlan0 get-networks
Available networks
Network name
wifi-13975935
[iwd]# station wlan0 connect wifi-13975935
Type the network passphrase for wifi-13975935 psk.
Passphrase: ****************
[iwd]# exit
root@archiso ~ # ip a
...
4: wlan0: ...
Clock
Set the system clock :
root@archiso ~ # timedatectl set-ntp true
Mirrors
Use the fastest mirror :
root@archiso ~ # reflector -c France -a 6 --sort rate --save /etc/pacman.d/mirrorlist
Update package databases :
root@archiso ~ # pacman -Syy
Partitions
List all the disks (computer disk : nvme0n1) :
root@archiso ~ # lsblk
NAME ... MOUNTPOINTS
loop0 ... /run/archiso/airootfs
sda ... /run/archiso/bootmnt
nvme0n1 ...
Partitions :
- EFI system partition (size : 260M, code: ef00)
- Linux swap (size: 4G, code: 8200)
- Linux filesystem (size: the rest of the disk, code: 8300)
root@archiso ~ # gdisk /dev/nvme0n1
Command (? for help): n
Partition number (1-128, default 1): <press enter to use default>
First sector : <press enter to use default>
Last sector : +260M
Hex code or GUID : ef00
Command (? for help): n
Partition number (1-128, default 1): <press enter to use default>
First sector : <press enter to use default>
Last sector : +4G
Hex code or GUID : 8200
Command (? for help): n
Partition number (1-128, default 1): <press enter to use default>
First sector : <press enter to use default>
Last sector : <press enter to use default>
Hex code or GUID : <press enter to use default>
Command (? for help): w
Do you want to proceed? (Y/N): Y
The operation has completed successfully.
Format partitions :
root@archiso ~ # lsblk
NAME ... MOUNTPOINTS
loop0 ... /run/archiso/airootfs
sda ... /run/archiso/bootmnt
nvme0n1
-> nvme0n1p1 260M part
-> nvme0n1p1 4G part
-> nvme0n1p1 500G part
Fat 32 for EFI :
root@archiso ~ # mkfs.fat -F32 /dev/nvme0n1p1
mkfs.fat 4.2 (2021-01-31)
Swap :
root@archiso ~ # mkswap /dev/nvme0n1p2
Setting up ...
root@archiso ~ # swapon /dev/nvme0n1p2
Encryption of linux FS (mapper name : cryptlinuxfs, use whatever you want):
root@archiso ~ # cryptsetup -y -v luksFormat /dev/nvme0n1p3
Are you sure ? YES
Enter passphrase: ...
Verify passphrase: ...
Command successful.
root@archiso ~ # cryptsetup open /dev/nvme0n1p3 cryptlinuxfs
cryptsetup open
root@archiso ~ # mkfs.ext4 /dev/mapper/cryptlinuxfs
...
root@archiso ~ # mount /dev/mapper/cryptlinuxfs /mnt
root@archiso ~ # mkdir /mnt/boot
root@archiso ~ # mount /dev/nvme0n1p1 /mnt/boot
Install essential packages (you can replace intel-ucode by amd-ucode) :
root@archiso ~ # pacstrap /mnt base linux linux-firmware vim intel-ucode
Configure the system
Generate the fstab file :
root@archiso ~ # genfstab -U /mnt >> /mnt/etc/fstab
root@archiso ~ # arch-chroot /mnt
[root@archiso /]#
Timezone and clock :
[root@archiso /]# timedatectl list-timezones | grep Paris
Europe/Paris
[root@archiso /]# ln -sf /usr/share/zoneinfo/Europe/Paris /etc/localtime
[root@archiso /]# hwclock --systohc
Locale :
[root@archiso /]# sed -i "s/#en_US.UTF-8/en_US.UTF-8/g" /etc/locale.gen
[root@archiso /]# locale-gen
Generating locales ...
[root@archiso /]# echo "LANG=en_US.UTF-8" > /etc/locale.conf
[root@archiso /]# echo "KEYMAP=fr" > /etc/vconsole.conf
Hostname :
[root@archiso /]# echo "arch" > /etc/hostname
[root@archiso /]# echo "127.0.0.1 localhost arch arch.localdomain" >> /etc/hosts
[root@archiso /]# echo "::1 localhost" >> /etc/hosts
root passwd :
[root@archiso /]# passwd
New password:
Retype new password:
Install usefull packages :
[root@archiso /]# pacmam -S grub efibootmgr networkmanager network-manager-applet dialog wpa_supplicant mtools dosfstools base-devel linux-headers bluez bluez-utils cups xdg-utils xdg-user-dirs alsa-utils pulseaudio pulseaudio-bluetooth reflector bash-completion
Add keymap and encrypt modules :
[root@archiso /]# vim /etc/mkinitcpio.conf
...
HOOKS=(base udev autodetect keyboard keymap modconf block encrypt filesystems fsck)
...
[root@archiso /]# mkinitcpio -p linux
Install and configure grub :
[root@archiso /]# grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=GRUB
[root@archiso /]# grub-mkconfig -o /boot/grub/grub.cfg
[root@archiso /]# blkid | grep crypto_LUKS
/dev/nvme0n1p3: UUID="89fdXXX" ...
[root@archiso /]# vim /etc/default/grub
...
GRUB_CMDLINE_LINUX="cryptdevice=UUID=89fdXXX:cryptlinuxfs root=/dev/mapper/cryptlinuxfs"
...
[root@archiso /]# grub-mkconfig -o /boot/grub/grub.cfg
Enable network, bluetooth and cups services :
[root@archiso /]# systemctl enable NetworkManager
[root@archiso /]# systemctl enable bluetooth
[root@archiso /]# systemctl enable cups
Create a user :
[root@archiso /]# useraddd -mG wheel xanhacks
[root@archiso /]# passwd xanhacks
New password:
Retype new password:
[root@archiso /]# export EDITOR=vim
[root@archiso /]# visudo
...
%wheel ALL=(ALL) ALL
...
Exit and reboot :
[root@archiso /]# exit
root@archiso ~ # umount -a
root@archiso ~ # shutdown now
Remove the USB key and add boot option to the grub.
Connect to a WIFI :
[xanhacks@arch ~]$ sudo nmtui
Set the clock :
[xanhacks@arch ~]$ sudo timedatectl set-ntp true
[xanhacks@arch ~]$ sudo hwclock --systohc
Setup mirrolist to the fatest mirrors.
[xanhacks@arch ~]$ sudo reflector -c France -a 6 --sort rate --save /etc/pacman.d/mirrorlist
[xanhacks@arch ~]$ sudo pacman -Syy
[xanhacks@arch ~]$ sudo systemctl enable reflector.timer