On 16.07.2013, J.Witvliet@xxxxxxxxx wrote: > The /boot partition must of course remain unencrypted, otherwise you > can't boot your encrypted system at all. > Are you sure about that? > Afaicr grub2 was supposed to be able to have /boot inside the encrypted area. > (there still remains some unencrypted disk-blocks though) Never heard that grub2 should be able to do that. Besides: I don't see the point. The /boot partition doesn't contain anything worth copying for an adversary. And if he/she already has/had physical access to your machine, you're hosed.. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
