On 2017-12-29 06:46 AM, Pascal Hambourg wrote:
Le 29/12/2017 à 11:02, deloptes a écrit :
microsoft gaofei wrote:
I'm thinking about a question ,how my hard disk admits so much data
? If
/boot partition is encrypted , then how does my hard disk admit GRUB ?
sudo fdisk /dev/sda , and press o to create a DOS partition table .
This
software starts on sector 2048 by default . So how does the 2048
sectors
admit GRUB to achieve encrypted /boot ?
FWIW, here is what I replied to the OP's private mail :
GRUB core image embeds all the required modules to read /boot/grub,
including crypto modules when /boot/grub is encrypted.
2048 512-byte sectors is 1 MiB. GRUB BIOS core image does not need so
much space. GRUB BIOS was developed at a time when partition alignment
was based on "cylinders", so the first partition usually started at
sector 63. GRUB BIOS core image was initially designed to fit in that
30 KiB space. It has grown a bit over time and is sometimes slightly
bigger than 30 KiB, but 1 MiB is still plenty of space.
A copy of GRUB BIOS core image is kept in /boot/grub/i386-pc/core.img,
so you can see its size.
you don't encrypt boot
Why not ?
There's a lot of (not so) old information about /boot. I still have one
machine with a separate /boot partition because when I first set it up,
it was still required when using an mdadm RAID array.
