I Evolution vælger du Rediger -> Indstillinger (eller Shift-Ctrl-S) -> Certifikater -> Kontaktpersoners certifikater -> Importer hvorefter du får mulighed for at importere den hentede .cer fil.

Du skal naturligvis have din egen private signaturfil i Evolution.

Unfortunately, the installer (the alternative one) do not recognise the encrypted hard drive, and is therefore not able to use it. This little guide helps you to reuse your LVM layout - and your data!

NB: Use this guide at your own risk!

Follow the installation until "Set up network", then press ctrl-alt F2 to start a console and run

modprobe dm-crypt
cryptsetup luksOpen /dev/sda5 sda5_crypt


Replace /dev/sda5 with your encrypted partition. You will now be prompted for your passphrase for the encrypted partition, after which you run

vgscan
vgchange -ay

in order to activate the lvm volumes.

Press ctrl-alt f1 to get back to the installer. When asked for partition method select Manual, and your encrypted LVM volumes are now on the list. You still need to set mount points etc., and remember NOT to mark them for formatting. Continue the installation.

Boot into rescue with your LVM root volume as /

Find the unique id for this "disk" from:
ls -l /dev/disk/by-uuid

Insert a line like

sda5_crypt /dev/disk/by-uuid/df05112c-65bf-44a2-b6d1-a740c3444b53 none luks

into /etc/crypttab. Remember to use the uuid found above together with what ever name you have given the device. sda5_crypt will give a device called /dev/mapper/sda5_crypt

To avoid manually typing the uuid, it is possible just to do:
ls -l /dev/disk/by-uuid >> /etc/crypttab
nano - /etc/crypttab

This will copy the entire content of "ls -l /dev/disk/by-uuid" into the bottom of /etc/crypttab, and open the file for editing with nano.

Run update-initramfs -u, reboot and you are ready to go!

/usr/sbin/dropbear -p 2222

Preparation
Start by installing the software needed:

sudo apt-get install libpam-mount cryptsetup

Add these line to /etc/initramfs-tools/modules

dm_mod
dm_crypt
sha256
aes_i586

and update the initrd-image with

sudo update-initramfs -u all

Making the encrypted partition
Remember to take BACKUP, because all data at /dev/sda6 will be lost!!!

Now we have to make the encrypted partition, in this example the devices name is /dev/sda6. First we load the needed modules

sudo modprobe dm_crypt
sudo modprobe sha256
sudo modprobe aes_i586

and the make the LUKS-partiton (use your log-in password):

sudo cryptsetup luksFormat /dev/sda6

Now /dev/sda6 has the LUKS format, and can be attached to /dev/mapper:

sudo cryptsetup luksOpen /dev/sda6 encrypted_home

And then we can make a file system on it, here ext3

sudo mkfs.ext3 -j -O dir_index -m 0 -v /dev/mapper/encrypted_home

Finally we can mount the partition, to see if it works

sudo mount /dev/mapper/encrypted_home /mnt

Unmount and close the LUKS partition:

sudo umount /mnt
sudo cryptsetup luksClose encrypted_home

Setting up pam_mount
Insert

auth optional /lib/security/pam_mount.so use_first_pass

into /etc/pam.d/common-auth

and

session optional /lib/security/pam_mount.so

into /etc/pam.d/common-session

Now create a mount point for the LUKS partition

sudo mkdir /encrypted_home
sudo chmod 777 /encrypted_home

And add

volume foo crypt - /dev/sda6 /encrypted_home cipher=aes - -

into /etc/security/pam_mount.conf

This means that every time the user foo logs in, the LUKS partition will be mounted on /encrypted_home, using the password foo entered. Therefor the LUKS password has to be the same as the log in password.

Log out, log in and see if it works :)

This is inspirited by:
http://thomasdamgaard.dk/blog/article/krypteret-swap-og-root-filsystem-med-luks-og-ubuntu