Web lists-archives.com

Possible for full-disk encryption to encrypt /boot as well?




Hello,

I'm working with Debian 9. I gather that there is a full-disk
encryption option for the standard Debian installer, which, as I
understand it, does not include encrypting /boot. (The system I'm
working on wasn't encrypted when it was installed, so the system would
have to be reinstalled, that's OK.)

The only description of encrypting /boot that I was able to find is:
https://gist.github.com/ppmathis/ccfbfce86484dc61834c1f17568d7b80
I wonder if there is any simpler approach.

Is it possible that, perhaps, other Linux distributions have an option
for encrypting /boot? I wasn't able to find any information about
that.

It's OK if the answer to these questions is no, I'm just trying to
sort out the feasibility of encrypting /boot.

Thanks in advance for any info, I appreciate it very much.

Robert Dodier