Encrypting boot directory2019 Community Moderator ElectionBoot-loader to boot to an encrypted partitionIs there a way to view the console output instead of boot logo, while my RHEL 6.2 machine boots up?/sbin/cryptsetup not found on bootLUKS encryption full disk, how many RAM?Encrypt existing disk with LUKS?Mint, install and LUKS/LVMIs there a way to enable secure boot in Linux?Should This Fedora Method of Encrypting /boot Work on Deb/Ubuntu?Linux encrypted partition on self-encrypting hard drive?Encrypting hard drive containing the MBR with Veracrypt

Calculating the number of days between 2 dates in Excel

Superhero words!

My boss asked me to take a one-day class, then signs it up as a day off

When is separating the total wavefunction into a space part and a spin part possible?

Identify a stage play about a VR experience in which participants are encouraged to simulate performing horrific activities

Have I saved too much for retirement so far?

Is the next prime number always the next number divisible by the current prime number, except for any numbers previously divisible by primes?

Bob has never been a M before

node command while defining a coordinate in TikZ

Can the electrostatic force be infinite in magnitude?

Freedom of speech and where it applies

Reply ‘no position’ while the job posting is still there (‘HiWi’ position in Germany)

How to prevent YouTube from showing already watched videos?

Can a Gentile theist be saved?

What is the opposite of 'gravitas'?

What would you call a finite collection of unordered objects that are not necessarily distinct?

Who must act to prevent Brexit on March 29th?

Latex for-and in equation

Giant Toughroad SLR 2 for 200 miles in two days, will it make it?

Organic chemistry Iodoform Reaction

Simple image editor tool to draw a simple box/rectangle in an existing image

How to be able to process a large JSON response?

What will be the benefits of Brexit?

word describing multiple paths to the same abstract outcome



Encrypting boot directory



2019 Community Moderator ElectionBoot-loader to boot to an encrypted partitionIs there a way to view the console output instead of boot logo, while my RHEL 6.2 machine boots up?/sbin/cryptsetup not found on bootLUKS encryption full disk, how many RAM?Encrypt existing disk with LUKS?Mint, install and LUKS/LVMIs there a way to enable secure boot in Linux?Should This Fedora Method of Encrypting /boot Work on Deb/Ubuntu?Linux encrypted partition on self-encrypting hard drive?Encrypting hard drive containing the MBR with Veracrypt










0















I want to encrypt only the /boot (boot directory) in my linux machine. does LUKS provide encryption with boot?






linux boot







share|improve this question







New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 2





    Let me ask: Why would you encrypt BOOT ONLY and let all the rest of the system unencrypted?

    – nwildner
    Mar 22 at 18:41











  • Because I want to test different scenarios and to make an attack on them to see differences. I have read that its not possible to encrypt boot directory only.

    – Sara
    Mar 22 at 19:32






  • 1





    I've never seen an official document saying that is not possible to encrypt /boot only. I just dont see it as useful. What I do know is that you can encrypt your entire system, with EVEN /boot cause grub supports LUKS devices, and using that mkinitcpio with keys trick will allow you to boot without having to supply your password twice(once for grub, second for root change) - pavelkogan.com/2014/05/23/luks-full-disk-encryption

    – nwildner
    Mar 22 at 20:18












  • A variant of the "use GRUB2 to handle the encrypted volume" method is to use coreboot with a GRUB2 payload. With this setup there isn't even any bootloader on the disk. This method will involve either acquiring a machine with coreboot preinstalled, or flashing coreboot yourself. The linked tutorial does not JUST encrypt /boot however, so some tweaking may be required to achieve that result.

    – wurtzkurdle
    2 days ago















0















I want to encrypt only the /boot (boot directory) in my linux machine. does LUKS provide encryption with boot?






linux boot







share|improve this question







New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 2





    Let me ask: Why would you encrypt BOOT ONLY and let all the rest of the system unencrypted?

    – nwildner
    Mar 22 at 18:41











  • Because I want to test different scenarios and to make an attack on them to see differences. I have read that its not possible to encrypt boot directory only.

    – Sara
    Mar 22 at 19:32






  • 1





    I've never seen an official document saying that is not possible to encrypt /boot only. I just dont see it as useful. What I do know is that you can encrypt your entire system, with EVEN /boot cause grub supports LUKS devices, and using that mkinitcpio with keys trick will allow you to boot without having to supply your password twice(once for grub, second for root change) - pavelkogan.com/2014/05/23/luks-full-disk-encryption

    – nwildner
    Mar 22 at 20:18












  • A variant of the "use GRUB2 to handle the encrypted volume" method is to use coreboot with a GRUB2 payload. With this setup there isn't even any bootloader on the disk. This method will involve either acquiring a machine with coreboot preinstalled, or flashing coreboot yourself. The linked tutorial does not JUST encrypt /boot however, so some tweaking may be required to achieve that result.

    – wurtzkurdle
    2 days ago













0












0








0








I want to encrypt only the /boot (boot directory) in my linux machine. does LUKS provide encryption with boot?






linux boot







share|improve this question







New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












I want to encrypt only the /boot (boot directory) in my linux machine. does LUKS provide encryption with boot?






linux boot




linux boot






share|improve this question







New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question







New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question






New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked Mar 22 at 18:38









SaraSara

1




1




New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







  • 2





    Let me ask: Why would you encrypt BOOT ONLY and let all the rest of the system unencrypted?

    – nwildner
    Mar 22 at 18:41











  • Because I want to test different scenarios and to make an attack on them to see differences. I have read that its not possible to encrypt boot directory only.

    – Sara
    Mar 22 at 19:32






  • 1





    I've never seen an official document saying that is not possible to encrypt /boot only. I just dont see it as useful. What I do know is that you can encrypt your entire system, with EVEN /boot cause grub supports LUKS devices, and using that mkinitcpio with keys trick will allow you to boot without having to supply your password twice(once for grub, second for root change) - pavelkogan.com/2014/05/23/luks-full-disk-encryption

    – nwildner
    Mar 22 at 20:18












  • A variant of the "use GRUB2 to handle the encrypted volume" method is to use coreboot with a GRUB2 payload. With this setup there isn't even any bootloader on the disk. This method will involve either acquiring a machine with coreboot preinstalled, or flashing coreboot yourself. The linked tutorial does not JUST encrypt /boot however, so some tweaking may be required to achieve that result.

    – wurtzkurdle
    2 days ago












  • 2





    Let me ask: Why would you encrypt BOOT ONLY and let all the rest of the system unencrypted?

    – nwildner
    Mar 22 at 18:41











  • Because I want to test different scenarios and to make an attack on them to see differences. I have read that its not possible to encrypt boot directory only.

    – Sara
    Mar 22 at 19:32






  • 1





    I've never seen an official document saying that is not possible to encrypt /boot only. I just dont see it as useful. What I do know is that you can encrypt your entire system, with EVEN /boot cause grub supports LUKS devices, and using that mkinitcpio with keys trick will allow you to boot without having to supply your password twice(once for grub, second for root change) - pavelkogan.com/2014/05/23/luks-full-disk-encryption

    – nwildner
    Mar 22 at 20:18












  • A variant of the "use GRUB2 to handle the encrypted volume" method is to use coreboot with a GRUB2 payload. With this setup there isn't even any bootloader on the disk. This method will involve either acquiring a machine with coreboot preinstalled, or flashing coreboot yourself. The linked tutorial does not JUST encrypt /boot however, so some tweaking may be required to achieve that result.

    – wurtzkurdle
    2 days ago







2




2





Let me ask: Why would you encrypt BOOT ONLY and let all the rest of the system unencrypted?

– nwildner
Mar 22 at 18:41





Let me ask: Why would you encrypt BOOT ONLY and let all the rest of the system unencrypted?

– nwildner
Mar 22 at 18:41













Because I want to test different scenarios and to make an attack on them to see differences. I have read that its not possible to encrypt boot directory only.

– Sara
Mar 22 at 19:32





Because I want to test different scenarios and to make an attack on them to see differences. I have read that its not possible to encrypt boot directory only.

– Sara
Mar 22 at 19:32




1




1





I've never seen an official document saying that is not possible to encrypt /boot only. I just dont see it as useful. What I do know is that you can encrypt your entire system, with EVEN /boot cause grub supports LUKS devices, and using that mkinitcpio with keys trick will allow you to boot without having to supply your password twice(once for grub, second for root change) - pavelkogan.com/2014/05/23/luks-full-disk-encryption

– nwildner
Mar 22 at 20:18






I've never seen an official document saying that is not possible to encrypt /boot only. I just dont see it as useful. What I do know is that you can encrypt your entire system, with EVEN /boot cause grub supports LUKS devices, and using that mkinitcpio with keys trick will allow you to boot without having to supply your password twice(once for grub, second for root change) - pavelkogan.com/2014/05/23/luks-full-disk-encryption

– nwildner
Mar 22 at 20:18














A variant of the "use GRUB2 to handle the encrypted volume" method is to use coreboot with a GRUB2 payload. With this setup there isn't even any bootloader on the disk. This method will involve either acquiring a machine with coreboot preinstalled, or flashing coreboot yourself. The linked tutorial does not JUST encrypt /boot however, so some tweaking may be required to achieve that result.

– wurtzkurdle
2 days ago





A variant of the "use GRUB2 to handle the encrypted volume" method is to use coreboot with a GRUB2 payload. With this setup there isn't even any bootloader on the disk. This method will involve either acquiring a machine with coreboot preinstalled, or flashing coreboot yourself. The linked tutorial does not JUST encrypt /boot however, so some tweaking may be required to achieve that result.

– wurtzkurdle
2 days ago










0






active

oldest

votes











Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);






Sara is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f508051%2fencrypting-boot-directory%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes








Sara is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















Sara is a new contributor. Be nice, and check out our Code of Conduct.












Sara is a new contributor. Be nice, and check out our Code of Conduct.











Sara is a new contributor. Be nice, and check out our Code of Conduct.














Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f508051%2fencrypting-boot-directory%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-boot, linux
-

Popular posts from this blog

Creating 100m^2 grid automatically using QGIS?Creating grid constrained within polygon in QGIS?Createing polygon layer from point data using QGIS?Creating vector grid using QGIS?Creating grid polygons from coordinates using R or PythonCreating grid from spatio temporal point data?Creating fields in attributes table using other layers using QGISCreate .shp vector grid in QGISQGIS Creating 4km point grid within polygonsCreate a vector grid over a raster layerVector Grid Creates just one grid

Image
Pattern match does not work in bash script Mage Armor with Defense fighting style (for Adventurers League bladeslinger) LaTeX closing $ signs makes cursor jump String Manipulation Interpreter Can divisibility rules for digits be generalized to sum of digits I'm planning on buying a laser printer but concerned about the life cycle of toner in the machine What is the offset in a seaplane's hull? How can I make my BBEG immortal short of making them a Lich or Vampire? What are the differences between the usage of 'it' and 'they'? The use of multiple foreign keys on same column in SQL Server How did the USSR manage to innovate in an environment characterized by government censorship and high bureaucracy? Is it tax fraud for an individual to declare non-taxable revenue as taxable income? (US tax laws) Why Is Death Allowed In the Matrix? Minkowski space Why are 150k or 200k jobs considered good when there are 300k+ births a month? Why do f...
Read more

What is this called? Old film camera viewer?What makes a good film camera?What to do with an old film camera?What should one look for when buying a used film camera?What is the value and age of this pre-1967 Ricoh 35 mm camera?DSLR recommendation, question about old Canon 35mm film Camera & lensesCan anyone identify the silver rangefinder-style camera in this advertisement?What kind of a Polaroid 600-camera is this?Will an old film camera still work even when not used in a very long time?What is this camera / Can I develop the film?How to fit an action camera into antique (bellows) housing?What to check when buying used and old film bodies?

Image
Why is delta-v is the most useful quantity for planning space travel? How to color a zone in Tikz Is there enough fresh water in the world to eradicate the drinking water crisis? Adding empty element to declared container without declaring type of element Can I use my Chinese passport to enter China after I acquired another citizenship? Superhero words! What to do when my ideas aren't chosen, when I strongly disagree with the chosen solution? My boss asked me to take a one-day class, then signs it up as a day off Can a Bard use an arcane focus? Can a malicious addon access internet history and such in chrome/firefox? Pronouncing Homer as in modern Greek Java - What do constructor type arguments mean when placed *before* the type? Is there a good way to store credentials outside of a password manager? Why are all the doors on Ferenginar (the Ferengi home world) far shorter than the average Ferengi? Have I saved too much for retirement so far? Why Were M...
Read more

Why is this plane circling around the Lucknow airport every day?Why do aircraft on Flight Radar 24 jump around randomly sometimes?What airport has this walkway over a taxiway?How does Chicago O'Hare's tower sequence aircraft at peak capacity?Which airport is featured in this Delta commercial?After a crash, for how long is the airport closed?Can a passenger plane stand still in the air, or hover at a fixed location above a ground?What are those trucks towing around, and why?What is this airport outside of Cairo, Egypt?Which US airport has the lowest circling MDH?What is this airport video?

Image
Freedom of speech and where it applies THT: What is a squared annular “ring”? Hot bath for aluminium engine block and heads Delete database accidentally by a bash, rescue please Why do IPv6 unique local addresses have to have a /48 prefix? How can Trident be so inexpensive? Will it orbit Triton or just do a (slow) flyby? Customize circled numbers Drawing ramified coverings with tikz How does the reference system of the Majjhima Nikaya work? Why did the EU agree to delay the Brexit deadline? Melting point of aspirin, contradicting sources Is Asuka Langley-Soryu disgusted by Shinji? Did US corporations pay demonstrators in the German demonstrations against article 13? Is camera lens focus an exact point or a range? Does a 'pending' US visa application constitute a denial? GraphicsGrid with a Label for each Column and Row How do you respond to a colleague from another team when they're wrongly expecting that you'll help them? How is flybla...
Read more