From 81bad75abf3cf4a97da6fe4f58a6eb0d6cd8359e Mon Sep 17 00:00:00 2001 From: Francis Rowe Date: Thu, 29 Jan 2015 06:33:01 -0500 Subject: Documentation: fix typos. --- (limited to 'docs/gnulinux/encrypted_parabola.html') diff --git a/docs/gnulinux/encrypted_parabola.html b/docs/gnulinux/encrypted_parabola.html index 7f60ebc..a48e489 100644 --- a/docs/gnulinux/encrypted_parabola.html +++ b/docs/gnulinux/encrypted_parabola.html @@ -43,7 +43,7 @@

- Parabola is much more flexible than Trisquel, but also more involved to setup. + Parabola is much more flexible than Trisquel, but also more involved to set up.

@@ -78,7 +78,7 @@ If your drive was already LUKS encrypted (maybe you are re-installing your distro) then it is already 'wiped'. You should just wipe the LUKS header. https://www.lisenet.com/2013/luks-add-keys-backup-and-restore-volume-header/ - showed me how to do this. It recommends to do the first 3MiB. Now, that guide is recommending putting zero there. I'm doing to use urandom. Do this:
+ showed me how to do this. It recommends doing the first 3MiB. Now, that guide is recommending putting zero there. I'm doing to use urandom. Do this:
# head -c 3145728 /dev/urandom > /dev/sda; sync
(wiping the LUKS header is important, since it has hashed passphrases and so on. It's 'secure', but 'potentially' a risk).

@@ -139,13 +139,12 @@ # cryptsetup benchmark (for making sure the list below is populated)
Then:
# cat /proc/crypto
- This gives me crypto options that I can use. It also provides a representation of the best way to setup LUKS (in this case, security is a priority; speed, a distant second). + This gives me crypto options that I can use. It also provides a representation of the best way to set up LUKS (in this case, security is a priority; speed, a distant second). To gain a better understanding, I am also reading:
# man cryptsetup

- Following that page, based on my requirements, I do the following based on - based on https://wiki.archlinux.org/index.php/Dm-crypt/Device_encryption#Encryption_options_for_LUKS_mode. + Following that page, based on my requirements, I do the following based on https://wiki.archlinux.org/index.php/Dm-crypt/Device_encryption#Encryption_options_for_LUKS_mode. Reading through, it seems like Serpent (encryption) and Whirlpool (hash) is the best option.

@@ -184,7 +183,7 @@ # lvcreate -L 2G matrix -n swapvol (2G swap partition, named swapvol)
# lvcreate -l +100%FREE matrix -n rootvol (single large partition in the rest of the space, named rootvol)
You can also be flexible here, for example you can specify a /boot, a /, a /home, a /var, a /usr, etc. For example, - if you will be running a web/mail server then you want /var in it's own partition (so that if it fills up with logs, it won't crash your system). + if you will be running a web/mail server then you want /var in its own partition (so that if it fills up with logs, it won't crash your system). For a home/laptop system (typical use case), a root and a swap will do (really).

@@ -213,7 +212,7 @@

Now I am following the rest of https://wiki.parabolagnulinux.org/Installation_Guide. - I also also cross referencing https://wiki.archlinux.org/index.php/Installation_guide. + I also cross referenced https://wiki.archlinux.org/index.php/Installation_guide.

Create /home and /boot on rootvol mountpoint:
@@ -244,7 +243,7 @@    Check there first to see if steps differ by now.
   Now you have to update the default Parabola keyring. This is used for signing and verifying packages:
   # pacman -Sy parabola-keyring
-    It says that you you get GPG errors, it's probably an expired key so do:
+    It says that if you get GPG errors, then it's probably an expired key and, therefore, you should do:
   # pacman-key --populate parabola
   # pacman-key --refresh-keys
   # pacman -Sy parabola-keyring
@@ -352,7 +351,7 @@

  • - Now using mkinitcpio, you can create the kernel and ramdisk for booting with (note, this is different than Arch, specifying linux-libre instead of linux):
    + Now using mkinitcpio, you can create the kernel and ramdisk for booting with (this is different from Arch, specifying linux-libre instead of linux):
    # mkinitcpio -p linux-libre
    Also do it for linux-libre-lts:
    # mkinitcpio -p linux-libre-lts
    -- cgit v0.9.1