On Tue, 2013-11-19 at 09:20 +0700, Trinh Van Thanh wrote: > Unencrypted boot partition is not safe for some special requirements. > So I want to increase the secure level for full disk encryption using > dm-crypt. Can I integrate cryptsetup in bootloader (example GRUB2) or > is there any other solutions? Integrating it in the bootloader doesn't really help you since then the bootloader is the weak point. In the end you'll always need an unencrypted kernel/initrd/bootloader... so what one can do is booting from a USB stick,.. which you have always with you... and then have a fully encrypted root-fs. Chris.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
