[Cryptography] Disk encryption
Michael Kjörling
9bf3a7ef93bb at ewoof.net
Tue May 2 12:54:23 EDT 2023
On 1 May 2023 10:40 -0700, from kentborg at borg.org (Kent Borg):
> I've done "full disk encryption"* on laptop SSDs for many years, using Linux
> encryption, as setup by Debian, [...]
> * "Full disk encryption" of course can't include the boot volume.
However, it _is_ possible to get pretty close.
https://wiki.debian.org/GRUB2#Configure_encrypted_.2Fboot
I do believe that there are some caveats; for example, I think GRUB's
support for LUKS 2 is still very limited. Still, it's far better than
leaving the kernel and initrd exposed as plain text binary images.
--
Michael Kjörling 🔗 https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”
More information about the cryptography
mailing list