Re: GRUB and boot partition
- Date: Tue, 26 Dec 2017 13:47:23 +0300
- From: Reco <recoverym4n@xxxxxxxxx>
- Subject: Re: GRUB and boot partition
On Tue, Dec 26, 2017 at 11:36:13AM +0100, tomas@xxxxxxxxxx wrote:
> On Tue, Dec 26, 2017 at 10:42:46AM +0100, Pascal Hambourg wrote:
> > Le 26/12/2017 à 02:47, microsoft gaofei a écrit :
> > >https://wiki.archlinux.org/index.php/GRUB#Boot_partition
> > >ArchWiki has carried an introduction of GRUB , it offers a feature to decrypt your partitions and you don't need to separate /boot . Debian also uses GRUB as its boot loader ,but Debian still separates /boot partition and leave it unencrypted
> > Note however that in any case, the early part of GRUB cannot be
> > encrypted [...]
> Is there any inherent advantage to having /boot encrypted?
Presumably it should help with scenario such as .
But, as  shows us, the protection that's offered by encrypted boot is
incomplete as it relies on the fact that the bootloader (GRUB) was not