I do this today, my dell xps15 came with a 1tb nvme disk with windoze of course, but professional at least, so figured I'd keep it around for bios updates and such.

What I did was before screwing with bitlocker or anything on windoze, I resized the ntfs slice down to 130gb or so, left the restore partition crap alone, and built between them.  Since keeping windoze going, that means efi booting, so left those alone, starting by creating /boot unencrypted, then my luks crypt volume for everything else.  I have luks slices for ubuntu, arch, common home dir, common storage dir, things like that, but grub lets me boot into any pretty painlessly.

Afterwards I enabled bitlocker encryption on windoze, so all are encrypted but efi/boot/restore drives.

Here's what my lsblk looks like with notes after each line.

[user@host ~]$ lsblk
NAME                    MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
nvme0n1                 259:0    0 953.9G  0 disk  
├─nvme0n1p1             259:1    0   499M  0 part  /boot/efi
├─nvme0n1p2             259:2    0   128M  0 part  (windoze boot)
├─nvme0n1p3             259:3    0 131.5G  0 part  (windoze c:)
├─nvme0n1p4             259:4    0   834M  0 part  (dell restore data)
├─nvme0n1p5             259:5    0   499M  0 part  /boot
├─nvme0n1p6             259:6    0 808.1G  0 part  
│ └─spv0                254:0    0 808.1G  0 crypt
│   ├─host--vg0-root0   254:1    0    17G  0 lvm   (ubuntu root)
│   ├─host--vg0-swap0   254:2    0     4G  0 lvm   (both swap)
│   ├─host--vg0-var0    254:3    0     6G  0 lvm   (ubuntu var)
│   ├─host--vg0-varlog0 254:4    0     3G  0 lvm   (ubuntu var/log)
│   ├─host--vg0-home0   254:5    0   120G  0 lvm   /home (both home)
│   ├─host--vg0-ext0    254:6    0   340G  0 lvm   /mnt/ext0 (both extra storage)
│   ├─host--vg0-root1   254:7    0    24G  0 lvm   / (arch root)
│   ├─host--vg0-var1    254:8    0    10G  0 lvm   /var (arch var)
│   ├─host--vg0-varlog1 254:9    0     3G  0 lvm   /var/log (arch var/log)
│   └─host--vg0-home1   254:10   0    10G  0 lvm  (arch temp home)
└─nvme0n1p7             259:7    0    12G  0 part   (dell restore data)

-mb


On Wed, Aug 12, 2020 at 8:30 AM Seabass via PLUG-discuss <plug-discuss@lists.phxlinux.org> wrote:
I have a TB storage drive that Won’t get filled.
It is also the only drive in the computer.
So I’d like to partition the drive with multiple different operating systems with different purposes.
However, I’d also like each OS to be encrypted, do nothing that gets on one system gets into another, and so nobody has easy access if the computer is stolen.

As far as I’m aware, disk encryption requires presetting which partition is the root partition, so does anyone know if it is possible to have multiple operating systems on a computer and have each be encrypted?
Or am I required to keep them unencrypted if I want multiple operating systems?
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss