Re: Possible for full-disk encryption to encrypt /boot as well?
- Date: Sat, 26 May 2018 04:18:26 +0300
- From: Abdullah Ramazanoğlu <ar018@xxxxxxxxx>
- Subject: Re: Possible for full-disk encryption to encrypt /boot as well?
On Fri, 25 May 2018 17:33:54 -0700 Robert Dodier said:
> It may be true that encrypted /boot is not really relevant, but I
> don't want to try to argue with tech support staff that a system with
> unencrypted /boot is close enough. I feel like it needs to be all or
> nothing in order for me to press this issue with them.
Or you can offer them a setup more than full-disk encryption: Put the
(unencrypted) /boot on a USB stick, and the rest of the system on fully
* With full disk encryption (Linux or Windows) all one needs is the pass-phrase.
* With /boot on USB stick, one needs both the key (the stick) and the
At any rate, it is technically "full disk encryption" - there's nothing
unencrypted on hard drive, is there? :)