Comments (2)
ilkkajylha
commented on September 26, 2024
2
There is no need to enter password two times, if you are using keyfile. The encrypt hook can take the file specified in the cryptkey kernel parameter and use it to unlock the cryptdevice.
http://www.pavelkogan.com/2014/05/23/luks-full-disk-encryption/
from itpol.
zaolin
commented on September 26, 2024
Yep, that's possible by building grub2 with cryptsetup support. The smarter solution is to enable lvm support in grub and using the boot partition as logical volume so that the whole partition in one cryptsetup volume which encloses the lvm physical volume.
If shim protects the grub2 efi module it should be also possible to establish a secure boot.
But keep in mind you have to enter a password two times because of grub2 which can't pass the key to the linux kernel.
Regards Zaolin
from itpol.
Related Issues (18)
- Additional Resources / References Section
- Provision intel AMT by default HOT 3
- Misleading passage about LUKS HOT 1
- Remove use of Ghostery because it is proprietary and could contain secret security issues HOT 2
- Use future-default ? HOT 4
- Suggestion: Mention expected errors from "cp -rp ~/.gnupg [/media/disk/name]/gnupg-backup" HOT 1
- default bit size for master key HOT 2
- Please give concrete examples of threat Git without GPG HOT 4
- gpg: error reading key: No public key HOT 4
- Git Commit Hashes
- linux-workstation-security.md needs an update review
- Document steps to create subkey for a new machine
- Coreboot is missing as alternate firmware option. HOT 3
- Can you clarify the choice of RSA for `cert` and ECC for `sign,encr,auth` ? HOT 1
- Apple instructions link for encrypting storage device is broken
- CIS Benchmark Inclusion HOT 1
- Ad Blocking for browsers HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from itpol.