[dm-crypt] Integrate cryptsetup in bootloader

Milan Broz gmazyland at gmail.com
Tue Nov 19 05:56:19 CET 2013



On 11/19/2013 03:20 AM, Trinh Van Thanh wrote:
> Hi all,
> 
> Unencrypted boot partition is not safe for some special requirements.
> So I want to increase the secure level for full disk encryption using
> dm-crypt. Can I integrate cryptsetup in bootloader (example GRUB2) or
> is there any other solutions?

FYI GRUB2 has some LUKS support already integrated, you can try it...
It is reimplementation, just some code was copied from cryptsetup.
See e.g. Gentoo wiki
http://wiki.gentoo.org/wiki/GRUB2#Booting_from_LUKS_Physical_Volume

But I think not many people using it, initramfs with boot partition
is most common.

Milan


More information about the dm-crypt mailing list