On 20-11-2015 16:13, Damjan Georgievski wrote: > On 20 November 2015 at 17:04, Mauro Santos <registo.mailling@xxxxxxxxx> wrote: >> On 20-11-2015 17:19, Joan Aymà wrote: >>> Why should not be easier to boot following Disk_Encryption on the wiki[1]? >>> >>> Regards. >>> >>> [1]https://wiki.archlinux.org/index.php/Disk_encryption >> >> Because I'm talking about this [1] and not software based encryption. >> >> [1] https://en.wikipedia.org/wiki/Hardware-based_full_disk_encryption > > I'd sincerely advice against using these 'hardware' disk encryptions. > what happens when your motherboard is at fault, and you need the data > on the disk *now* and it wont work in a USB enclosure? I am well aware of that problem, that's a risk I'm willing to take. Meanwhile I'm enjoying how quiet and snappy it is now vs SW encryption on my old laptop that doesn't support AES-NI ;) > anyway, maybe you could use kexec in your PBA and run the installed > linux kernel with that. I did think about this but it would make me parse bootloader configuration files to find all the options I would need to pass on the kernel's command line. I suspect that it would also force me to use a larger PBA image that might have to be updated more often, which I'd like to avoid. -- Mauro Santos
