Skip to main content

How to install Arch Linux on Lenovo Thinkpad X13 Gen 5 (Intel)

Summary

Beginner friendly guide on how to install Arch Linux on a Lenovo ThinkPad X13 Gen 5 (Intel). This guide describes the entire process from obtaining Arch Linux to the finished installation including some further adjustments.

Introduction #

Installing Arch Linux can be exciting if you’ve never done it. This guide is tailored for beginners, walking you through the process of downloading, verifying, and installing Arch Linux. By the end, you’ll have a secure, efficient, and customized Arch Linux operating system up and running.

Let’s dive in and transform your ThinkPad X13 Gen 5 into a powerful Arch Linux machine.

Spoiler alert: Everything should work out of the box by the end of the process.

The process should work the same for the Lenovo ThinkPad X13 Gen 4. The devices are identical except for a few upgrades.

ThinkPad X13 Gen 5 specifications #

The ThinkPad X13 Gen 5 used for this instruction has the following configurations:

Getting Arch Linux #

To download Arch Linux, select one of the sources listed on the official Arch Linux downloads page. I usually download from a trustworthy source in my physical region. For this article, I’ve selected the HTTP direct downloads from Rackspace. You can always find the latest Arch Linux here.

Several files are available for download:

archlinux-2024.06.01-x86_64.iso
archlinux-2024.06.01-x86_64.iso.sig
archlinux-2024.06.01-x86_64.iso.torrent
archlinux-bootstrap-2024.06.01-x86_64.tar.zst
archlinux-bootstrap-2024.06.01-x86_64.tar.zst.sig
archlinux-bootstrap-x86_64.tar.zst
archlinux-bootstrap-x86_64.tar.zst.sig
archlinux-x86_64.iso
archlinux-x86_64.iso.sig
b2sums.txt
sha256sums.txt

From the list, download the following 3 files to your /Downloads/ folder:

Verifications #

Verifying archlinux-x86_64.iso is using the correct signing key (archlinux-x86_64.iso.sig) and checksum (see sha256sums.txt) is crucial for maintaining the security, integrity, and trustworthiness of the software being installed. It protects you from potential threats and ensures that you are using legitimate, unaltered software from a trusted source.

Verify signing key #

A PGP (Pretty Good Privacy) signing key is a cryptographic tool used to verify the authenticity and integrity of data. It consists of a private key, which is used to create a digital signature, and a corresponding public key, which others can use to verify that signature. When data is signed with a PGP key, the signature ensures that the data has not been tampered with and confirms the identity of the signer.

First, obtain the Arch Linux signing key from the Arch Linux Web Key Directory (WKD) by running the following command:

gpg --auto-key-locate clear,wkd -v --locate-external-key pierre@archlinux.org

The result should look similar to this:

user@host:~$ gpg --auto-key-locate clear,wkd -v --locate-external-key pierre@archlinux.org
gpg: enabled compatibility flags:
gpg: using pgp trust model
gpg: pub  rsa2048/7F2D434B9741E8AC 2011-04-10  Pierre Schmitz <pierre@archlinux.de>
gpg: key 7F2D434B9741E8AC: public key "Pierre Schmitz <pierre@archlinux.org>" imported
gpg: pub  ed25519/76A5EF9054449A5C 2022-10-31  Pierre Schmitz <pierre@archlinux.de>
gpg: key 76A5EF9054449A5C: public key "Pierre Schmitz <pierre@archlinux.org>" imported
gpg: Total number processed: 2
gpg:               imported: 2
gpg: 0 keys processed (0 validity counts cleared)
gpg: no ultimately trusted keys found
gpg: auto-key-locate found fingerprint 4AA4767BBC9C4B1D18AE28B77F2D434B9741E8AC
gpg: automatically retrieved 'pierre@archlinux.org' via WKD
pub   rsa2048 2011-04-10 [SC]
      4AA4767BBC9C4B1D18AE28B77F2D434B9741E8AC
uid           [ unknown] Pierre Schmitz <pierre@archlinux.org>
sub   rsa2048 2011-04-10 [E]

To verify the signature you’ve downloaded to your /Downloads/ folder run the following command:

$ gpg --keyserver-options auto-key-retrieve --verify ~/Downloads/archlinux-x86_64.iso.sig ~/Downloads/archlinux-x86_64.iso

The result should look like this:

user@host:~$ gpg --keyserver-options auto-key-retrieve --verify ~/Downloads/archlinux-x86_64.iso.sig ~/Downloads/archlinux-x86_64.iso
gpg: Signature made Sa 01 Jun 2024 11:09:43 CEST
gpg:                using EDDSA key 3E80CA1A8B89F69CBA57D98A76A5EF9054449A5C
gpg:                issuer "pierre@archlinux.org"
gpg: Good signature from "Pierre Schmitz <pierre@archlinux.org>" [unknown]
gpg: WARNING: The key's User ID is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 3E80 CA1A 8B89 F69C BA57  D98A 76A5 EF90 5444 9A5C

The Arch Linux download page lists the latest checksums and signatures. In this case:

The PGP fingerprint, matches the last two blocks of the fingerprint of the imported key (5444 9A5C), so this should all be correct.

Verify checksum #

A checksum is a cryptographic signature that uniquely identifies a file. It is essentially a string that represents the file, so if the file is altered or modified in any way, its checksum value will change. The checksum allows us to detect if the archlinux-x86_64.iso image file has been tampered with.

Let’s open the downloaded sha256sums.txt file. It should look like this:

4cc7e1c9f4e97b384f0d8731f317b5995bde256fcc17160d32359cab923c5892  archlinux-2024.06.01-x86_64.iso
4cc7e1c9f4e97b384f0d8731f317b5995bde256fcc17160d32359cab923c5892  archlinux-x86_64.iso
34616c90f015caec8e32243f5b8fd785bd07f333ec042b7ee3c985f12856239c  archlinux-bootstrap-2024.06.01-x86_64.tar.zst
34616c90f015caec8e32243f5b8fd785bd07f333ec042b7ee3c985f12856239c  archlinux-bootstrap-x86_64.tar.zst

The first lines refer to .iso files, including the downloaded archlinux-x86_64.iso file. The checksum matches the one on the website.

To check if the mentioned checksum also matches the calculated checksum of the archlinux-x86_64.iso file, run the following command:

$ sha256sum ~/Downloads/archlinux-x86_64.iso

The result should look like this:

user@host:~$ sha256sum ~/Downloads/archlinux-x86_64.iso
4cc7e1c9f4e97b384f0d8731f317b5995bde256fcc17160d32359cab923c5892  /home/user/Downloads/archlinux-x86_64.iso

This confirmes, that archlinux-x86_64.iso has not been tampered with. Having everything verified, we can now create a boot stick from the image.

Creating the boot stick #

Place an empty, e.g. USB stick in your machine to write the archlinux-x86_64.iso image to. In this example, I will use GNOME Disks utility to do that.

In GNOME Disks, select the USB drive, then select Restore Disk Image. For source image, select the /Downloads/archlinux-x86_64.iso. Then click on “Start Restoring…”.

It’s OK, if the medium is has more storage capacity than the image needs (about 1.2 GB).

Once the image has been written to the stick, the partition type should be “0x00 (Bootable)”. You can now eject the disk.

Disable Secure Boot #

Now let’s install Arch Linux. Put the boot stick in the laptop. For it boot stick to be recognized and to be selectable from the boot menu, disable Secure Boot in BIOS on the Lenovo ThinkPad X13 Gen 5. Follow these steps to do that:

The computer will now reboot.

Set startup device #

Interrupt the startup process once again and select the boot device:

The computer will now run the arch install image from the stick. You will get a Z shell (zsh) root@archiso prompt in a virtual console in the live environment.

Set up WiFi #

To connect the machine to a network, I am using wpa_supplicant. Adjust the following command to match your SSID (WiFi network name) and password:

wpa_supplicant -B -i wlan0 -c <(wpa_passphrase "YOUR_SSID" YOUR_PASSPHRASE) && dhclient wlan0

The machine should report: “Successfully initialize wpa_supplicant”

To test the connection, ping archlinux.org with the following command:

ping -c 5 archlinux.org

This will send 5 pings to archlinux.org servers and should look similar to this:

user@host:~$ ping -c 5 archlinux.org
PING archlinux.org (95.217.163.246) 56(84) bytes of data.
64 bytes from archlinux.org (95.217.163.246): icmp_seq=1 ttl=52 time=43.0 ms
64 bytes from archlinux.org (95.217.163.246): icmp_seq=2 ttl=52 time=40.3 ms
64 bytes from archlinux.org (95.217.163.246): icmp_seq=3 ttl=52 time=45.4 ms
64 bytes from archlinux.org (95.217.163.246): icmp_seq=4 ttl=52 time=100 ms
64 bytes from archlinux.org (95.217.163.246): icmp_seq=5 ttl=52 time=42.4 ms

--- archlinux.org ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 40.334/54.294/100.360/23.089 ms

Run Archinstall #

I will now run the guided Arch Linux installer, archinstall. Just type archinstall in the prompt and the installer will start.

The installer covers several topics. I will proceed with the following settings, adjust to your liking:

Select Install to print the configuration to the screen. Review it, if you want. Press Enter to start the actual installation.

Once the installation is finished, you are aske if you would like to chroot into the neewly created installation. Select yes, if you would like to make further adjustments or no to reboot. Make sure to remove the stick before rebooting.

Further configurations #

Bluetooth #

Also the bluez and bluez-utils packages have been installed, I had to start the bluetooth service to get bluetooth working.

systemctl start bluetooth.service

If you want bluetooth to automatically start on boot or when bluetooth hardware is plugged in, run the following command as well:

systemctl enable bluetooth.service

Firewall #

To enable the Uncomplicated Firewall (ufw), simply run the following command:

sudo ufw enable

To test the firewall status run the following command:

sudo ufw status verbose

The result should look like this:

user@host:~$ sudo ufw status verbose 
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

German Umlauts on QWERTY keyboard #

I am German, typing on a US QWERTY keyboard, so this is a must for me. The topic of using German umlauts on QWERTY keyboards has long been a hassle. In recent years, using the AltGr key for umlauts got as easy as that:

This will allow to use German umlauts. For example, press AltGr+a to write the umlaut ä.

Use the Gnome language indicator (top right) to “Show Keyboard Layout” with all available options.


Further readings #

Sources and recommended, further resources on the topic:

Author

Jonas Jared Jacek • J15k

Jonas Jared Jacek (J15k)

Jonas works as project manager, web designer, and web developer since 2001. On top of that, he is a Linux system administrator with a broad interest in things related to programming, architecture, and design. See: https://www.j15k.com/

License

License: How to install Arch Linux on Lenovo Thinkpad X13 Gen 5 (Intel) by Jonas Jared Jacek is licensed under CC BY-SA 4.0.

This license requires that reusers give credit to the creator. It allows reusers to distribute, remix, adapt, and build upon the material in any medium or format, for noncommercial purposes only. To give credit, provide a link back to the original source, the author, and the license e.g. like this:

<p xmlns:cc="http://creativecommons.org/ns#" xmlns:dct="http://purl.org/dc/terms/"><a property="dct:title" rel="cc:attributionURL" href="https://www.ditig.com/instructions/how-to-install-arch-linux-on-lenovo-thinkpad-x13-gen-5">How to install Arch Linux on Lenovo Thinkpad X13 Gen 5 (Intel)</a> by <a rel="cc:attributionURL dct:creator" property="cc:attributionName" href="https://www.j15k.com/">Jonas Jared Jacek</a> is licensed under <a href="https://creativecommons.org/licenses/by-sa/4.0/" target="_blank" rel="license noopener noreferrer">CC BY-SA 4.0</a>.</p>

For more information see the DITig legal page.


“Form ever follows function.”

Louis Henry Sullivan, American architectThe Tall Office Building Artistically Considered, - IT quotes