Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: Full encryption for Ubuntu: Why isn't this taken seriously?

  1. #11
    Join Date
    May 2014
    Beans
    25
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: Full encryption for Ubuntu: Why isn't this taken seriously?

    Ok so I did the install, using luks1 to be safe I understand that it is possible to convert to LUKS2 in the future so I will consider doing that sometime.

  2. #12
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,849
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: Full encryption for Ubuntu: Why isn't this taken seriously?

    Is it really a big deal that /boot isn't always encrypted? I think some of the problems may be with the various boot loaders themselves. I don't think some of the boot loaders are compatible with many types of encryption of than grub with LUKS.

  3. #13
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: Full encryption for Ubuntu: Why isn't this taken seriously?

    Quote Originally Posted by kevdog View Post
    Is it really a big deal that /boot isn't always encrypted? I think some of the problems may be with the various boot loaders themselves. I don't think some of the boot loaders are compatible with many types of encryption of than grub with LUKS.
    I don't think it is, but I've been using a USB flash drive as /boot because I've got an internal USB header.

    It made my overall partitioning scheme a hell of a lot easier since I was able to encrypt the whole drive instead of just the extended partition.

    FWIW, I checked the box I did an install on about 6 months ago and the root device is running luks2.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  4. #14
    Join Date
    May 2014
    Beans
    25
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: Full encryption for Ubuntu: Why isn't this taken seriously?

    Quote Originally Posted by kevdog View Post
    Is it really a big deal that /boot isn't always encrypted? I think some of the problems may be with the various boot loaders themselves. I don't think some of the boot loaders are compatible with many types of encryption of than grub with LUKS.
    I agree, for the large majority of users, according to the threat model they are protecting against with encryption, it's not a big deal that /boot is not encrypted.

    There are some, though, for whom it would matter.

Page 2 of 2 FirstFirst 12

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •