I just upgraded my home and work computers to Ubuntu 9.04. As expected this went smoothly. While I was at it, on my work computer I did a reinstall in order to get the full drive encryption which has been available in Ubuntu for several releases now. It is easy enough to set up, as per several online guides; perhaps the only thing missing is an option to have the drive unlocked by a keyfile (say on a USB thumb drive) instead of by passphrase.

But I was of course not prepared to take it at face value — I then booted from a Linux CD to have a poke at it and convince myself a) that I really couldn't mount the drive without the passphrase; and b) that I knew how to access the drive even if the OS on the hard drive would not boot.

There are some online guides to rescuing an encrypted Ubuntu system. I did something slightly different; I booted the Ubuntu alternative install CD, and allowed it to load all the drivers (importantly to get the LVM drivers loaded) before ALT-F2ing over to the provided console; that avoids having to load any of the modules manually.

Ubuntu's encrypted drive setup is to create a small unencrypted boot partition at the end of the drive, and the rest of the drive in a single partition which is an LVM PV wrapped in a LUKS encrypted volume. For my reference, this is the screenshot from accessing the drive while booted from CD.

[Screenshot: luks-test-rescue.jpeg]
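The rescue-console sequence for the layout described above (an LVM PV inside a LUKS volume), written out as an added example; it is not the set of commands from the author's screenshot. The device, mapping name, logical volume path and mount point are arguments, and any concrete values you pass for them are assumptions about your own system. Setting `DRY_RUN=1` prints the commands instead of running them.

```shell
#!/bin/sh
# Added example: unlock a LUKS-wrapped LVM PV from a rescue console and
# mount one logical volume read-only. All device and volume names are
# supplied by the caller (assumptions, not values from the post).

# Return 0 if FILE or DEVICE starts with the LUKS magic: "LUKS" 0xBA 0xBE.
is_luks() {
    magic=$(dd if="$1" bs=6 count=1 2>/dev/null | od -An -tx1 | tr -d ' \n')
    [ "$magic" = "4c554b53babe" ]
}

# Run a command, or only print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# rescue_mount DEVICE MAPPING LV_PATH MOUNTPOINT
rescue_mount() {
    dev=$1; name=$2; lv=$3; mnt=$4
    if ! is_luks "$dev"; then
        echo "$dev: no LUKS header found" >&2
        return 1
    fi
    run cryptsetup luksOpen "$dev" "$name" || return 2  # asks for the passphrase
    run vgscan || return 3                              # find the VG on the opened mapping
    run vgchange -ay || return 3                        # activate its logical volumes
    run mkdir -p "$mnt" || return 4
    run mount -o ro "$lv" "$mnt" || return 4            # read-only while inspecting
}

# rescue_close MAPPING MOUNTPOINT VG_NAME: undo rescue_mount in reverse order.
rescue_close() {
    run umount "$2" || return 1
    run vgchange -an "$3" || return 1
    run cryptsetup luksClose "$1"
}
```

Without the passphrase the sequence stops at `cryptsetup luksOpen`, so no mapping is created and LVM has no physical volume to scan.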