-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 15/09/18 16:48, Pascal Hambourg wrote: > Le 15/09/2018 à 00:45, Matthew Crews a écrit : >> On Friday, September 14, 2018 10:58 AM, Pascal Hambourg >> <pas...@plouf.fr.eu.org> wrote: >> >>> Actually you can have / including /boot on LUKS with GRUB. It >>> is just not natively supported by the Debian installer. >> >> Oh really? I might need to look into that. Where can I learn >> more? > > You must add GRUB_ENABLE_CRYPTODISK=y into /etc/default/grub > before running grub-install and update-grub/grub-mkconfig. Quote > from https://www.gnu.org/software/grub/manual/grub/grub.html : > > ‘GRUB_ENABLE_CRYPTODISK’ > > If set to ‘y’, grub-mkconfig and grub-install will check for > encrypted disks and generate additional commands needed to access > them during boot. Note that in this case unattended boot is not > possible because GRUB will wait for passphrase to unlock encrypted > container. Interesting, when does grub get dropbear ssh equivalent, so that it can be headless and have the crypted volume unlocked at boot using ssh? Cheers A. -----BEGIN PGP SIGNATURE----- iF0EAREIAAYFAludKqoACgkQqBZry7fv4vsUgQD/YVK+GOY5aJg0QhY0ezi57U5P H8WUvi8rl1FwxGWk8ZEA92KOb9I5BdSNaIEg00zPcLY6CVBjbQ9snUF/52pPWkQ= =xM38 -----END PGP SIGNATURE-----
