Encrypting boot directory2019 Community Moderator ElectionBoot-loader to boot to an encrypted partitionIs there a way to view the console output instead of boot logo, while my RHEL 6.2 machine boots up?/sbin/cryptsetup not found on bootLUKS encryption full disk, how many RAM?Encrypt existing disk with LUKS?Mint, install and LUKS/LVMIs there a way to enable secure boot in Linux?Should This Fedora Method of Encrypting /boot Work on Deb/Ubuntu?Linux encrypted partition on self-encrypting hard drive?Encrypting hard drive containing the MBR with Veracrypt

Calculating the number of days between 2 dates in Excel

Superhero words!

My boss asked me to take a one-day class, then signs it up as a day off

When is separating the total wavefunction into a space part and a spin part possible?

Identify a stage play about a VR experience in which participants are encouraged to simulate performing horrific activities

Have I saved too much for retirement so far?

Is the next prime number always the next number divisible by the current prime number, except for any numbers previously divisible by primes?

Bob has never been a M before

node command while defining a coordinate in TikZ

Can the electrostatic force be infinite in magnitude?

Freedom of speech and where it applies

Reply ‘no position’ while the job posting is still there (‘HiWi’ position in Germany)

How to prevent YouTube from showing already watched videos?

Can a Gentile theist be saved?

What is the opposite of 'gravitas'?

What would you call a finite collection of unordered objects that are not necessarily distinct?

Who must act to prevent Brexit on March 29th?

Latex for-and in equation

Giant Toughroad SLR 2 for 200 miles in two days, will it make it?

Organic chemistry Iodoform Reaction

Simple image editor tool to draw a simple box/rectangle in an existing image

How to be able to process a large JSON response?

What will be the benefits of Brexit?

word describing multiple paths to the same abstract outcome



Encrypting boot directory



2019 Community Moderator ElectionBoot-loader to boot to an encrypted partitionIs there a way to view the console output instead of boot logo, while my RHEL 6.2 machine boots up?/sbin/cryptsetup not found on bootLUKS encryption full disk, how many RAM?Encrypt existing disk with LUKS?Mint, install and LUKS/LVMIs there a way to enable secure boot in Linux?Should This Fedora Method of Encrypting /boot Work on Deb/Ubuntu?Linux encrypted partition on self-encrypting hard drive?Encrypting hard drive containing the MBR with Veracrypt










0















I want to encrypt only the /boot (boot directory) in my linux machine. does LUKS provide encryption with boot?










share|improve this question







New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 2





    Let me ask: Why would you encrypt BOOT ONLY and let all the rest of the system unencrypted?

    – nwildner
    Mar 22 at 18:41











  • Because I want to test different scenarios and to make an attack on them to see differences. I have read that its not possible to encrypt boot directory only.

    – Sara
    Mar 22 at 19:32






  • 1





    I've never seen an official document saying that is not possible to encrypt /boot only. I just dont see it as useful. What I do know is that you can encrypt your entire system, with EVEN /boot cause grub supports LUKS devices, and using that mkinitcpio with keys trick will allow you to boot without having to supply your password twice(once for grub, second for root change) - pavelkogan.com/2014/05/23/luks-full-disk-encryption

    – nwildner
    Mar 22 at 20:18












  • A variant of the "use GRUB2 to handle the encrypted volume" method is to use coreboot with a GRUB2 payload. With this setup there isn't even any bootloader on the disk. This method will involve either acquiring a machine with coreboot preinstalled, or flashing coreboot yourself. The linked tutorial does not JUST encrypt /boot however, so some tweaking may be required to achieve that result.

    – wurtzkurdle
    2 days ago















0















I want to encrypt only the /boot (boot directory) in my linux machine. does LUKS provide encryption with boot?










share|improve this question







New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 2





    Let me ask: Why would you encrypt BOOT ONLY and let all the rest of the system unencrypted?

    – nwildner
    Mar 22 at 18:41











  • Because I want to test different scenarios and to make an attack on them to see differences. I have read that its not possible to encrypt boot directory only.

    – Sara
    Mar 22 at 19:32






  • 1





    I've never seen an official document saying that is not possible to encrypt /boot only. I just dont see it as useful. What I do know is that you can encrypt your entire system, with EVEN /boot cause grub supports LUKS devices, and using that mkinitcpio with keys trick will allow you to boot without having to supply your password twice(once for grub, second for root change) - pavelkogan.com/2014/05/23/luks-full-disk-encryption

    – nwildner
    Mar 22 at 20:18












  • A variant of the "use GRUB2 to handle the encrypted volume" method is to use coreboot with a GRUB2 payload. With this setup there isn't even any bootloader on the disk. This method will involve either acquiring a machine with coreboot preinstalled, or flashing coreboot yourself. The linked tutorial does not JUST encrypt /boot however, so some tweaking may be required to achieve that result.

    – wurtzkurdle
    2 days ago













0












0








0








I want to encrypt only the /boot (boot directory) in my linux machine. does LUKS provide encryption with boot?










share|improve this question







New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












I want to encrypt only the /boot (boot directory) in my linux machine. does LUKS provide encryption with boot?







linux boot






share|improve this question







New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question







New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question






New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked Mar 22 at 18:38









SaraSara

1




1




New contributor




Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Sara is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







  • 2





    Let me ask: Why would you encrypt BOOT ONLY and let all the rest of the system unencrypted?

    – nwildner
    Mar 22 at 18:41











  • Because I want to test different scenarios and to make an attack on them to see differences. I have read that its not possible to encrypt boot directory only.

    – Sara
    Mar 22 at 19:32






  • 1





    I've never seen an official document saying that is not possible to encrypt /boot only. I just dont see it as useful. What I do know is that you can encrypt your entire system, with EVEN /boot cause grub supports LUKS devices, and using that mkinitcpio with keys trick will allow you to boot without having to supply your password twice(once for grub, second for root change) - pavelkogan.com/2014/05/23/luks-full-disk-encryption

    – nwildner
    Mar 22 at 20:18












  • A variant of the "use GRUB2 to handle the encrypted volume" method is to use coreboot with a GRUB2 payload. With this setup there isn't even any bootloader on the disk. This method will involve either acquiring a machine with coreboot preinstalled, or flashing coreboot yourself. The linked tutorial does not JUST encrypt /boot however, so some tweaking may be required to achieve that result.

    – wurtzkurdle
    2 days ago












  • 2





    Let me ask: Why would you encrypt BOOT ONLY and let all the rest of the system unencrypted?

    – nwildner
    Mar 22 at 18:41











  • Because I want to test different scenarios and to make an attack on them to see differences. I have read that its not possible to encrypt boot directory only.

    – Sara
    Mar 22 at 19:32






  • 1





    I've never seen an official document saying that is not possible to encrypt /boot only. I just dont see it as useful. What I do know is that you can encrypt your entire system, with EVEN /boot cause grub supports LUKS devices, and using that mkinitcpio with keys trick will allow you to boot without having to supply your password twice(once for grub, second for root change) - pavelkogan.com/2014/05/23/luks-full-disk-encryption

    – nwildner
    Mar 22 at 20:18












  • A variant of the "use GRUB2 to handle the encrypted volume" method is to use coreboot with a GRUB2 payload. With this setup there isn't even any bootloader on the disk. This method will involve either acquiring a machine with coreboot preinstalled, or flashing coreboot yourself. The linked tutorial does not JUST encrypt /boot however, so some tweaking may be required to achieve that result.

    – wurtzkurdle
    2 days ago







2




2





Let me ask: Why would you encrypt BOOT ONLY and let all the rest of the system unencrypted?

– nwildner
Mar 22 at 18:41





Let me ask: Why would you encrypt BOOT ONLY and let all the rest of the system unencrypted?

– nwildner
Mar 22 at 18:41













Because I want to test different scenarios and to make an attack on them to see differences. I have read that its not possible to encrypt boot directory only.

– Sara
Mar 22 at 19:32





Because I want to test different scenarios and to make an attack on them to see differences. I have read that its not possible to encrypt boot directory only.

– Sara
Mar 22 at 19:32




1




1





I've never seen an official document saying that is not possible to encrypt /boot only. I just dont see it as useful. What I do know is that you can encrypt your entire system, with EVEN /boot cause grub supports LUKS devices, and using that mkinitcpio with keys trick will allow you to boot without having to supply your password twice(once for grub, second for root change) - pavelkogan.com/2014/05/23/luks-full-disk-encryption

– nwildner
Mar 22 at 20:18






I've never seen an official document saying that is not possible to encrypt /boot only. I just dont see it as useful. What I do know is that you can encrypt your entire system, with EVEN /boot cause grub supports LUKS devices, and using that mkinitcpio with keys trick will allow you to boot without having to supply your password twice(once for grub, second for root change) - pavelkogan.com/2014/05/23/luks-full-disk-encryption

– nwildner
Mar 22 at 20:18














A variant of the "use GRUB2 to handle the encrypted volume" method is to use coreboot with a GRUB2 payload. With this setup there isn't even any bootloader on the disk. This method will involve either acquiring a machine with coreboot preinstalled, or flashing coreboot yourself. The linked tutorial does not JUST encrypt /boot however, so some tweaking may be required to achieve that result.

– wurtzkurdle
2 days ago





A variant of the "use GRUB2 to handle the encrypted volume" method is to use coreboot with a GRUB2 payload. With this setup there isn't even any bootloader on the disk. This method will involve either acquiring a machine with coreboot preinstalled, or flashing coreboot yourself. The linked tutorial does not JUST encrypt /boot however, so some tweaking may be required to achieve that result.

– wurtzkurdle
2 days ago










0






active

oldest

votes











Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);






Sara is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f508051%2fencrypting-boot-directory%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes








Sara is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















Sara is a new contributor. Be nice, and check out our Code of Conduct.












Sara is a new contributor. Be nice, and check out our Code of Conduct.











Sara is a new contributor. Be nice, and check out our Code of Conduct.














Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f508051%2fencrypting-boot-directory%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-boot, linux

Popular posts from this blog

Creating 100m^2 grid automatically using QGIS?Creating grid constrained within polygon in QGIS?Createing polygon layer from point data using QGIS?Creating vector grid using QGIS?Creating grid polygons from coordinates using R or PythonCreating grid from spatio temporal point data?Creating fields in attributes table using other layers using QGISCreate .shp vector grid in QGISQGIS Creating 4km point grid within polygonsCreate a vector grid over a raster layerVector Grid Creates just one grid

Word for a person who has no opinion about whether god existsWord for having a definite opinion while simultaneously withholding judgment?What's the opposite of “newcomer? Is ”veteran" OK?What do you call an “atheist” who might believe in an afterlife?What's a word for someone who wants to voice opinions but not have them challenged?Word for someone who dismisses contrary opinions as irrational?Somone who thinks they are overly special/out of the ordinaryIs there a word, phrase or idiom for “a person who is incapable of thinking about the future”?The belief that a god is human-likeA word for a non-famous person/thing you have heard a lot aboutAdjective for a person who enjoys taking care of their appearance

Can I redirect output to a log file and background a process at the same time?2019 Community Moderator ElectionUnable to write to file in shell script when running command in backgroundredirect and log script outputhow to properly log the output of a console program that frequently updates “parts” of the screen, resulting in a messy log file?How can I redirect the output of a child process?grep script - output lines at the same time into echoHow to run process in background and get its pid to create log file nameHow to redirect output to a log from expect commandHow to clear a redirect log file content in shell?Log background jobs started in all the manually started shells?Why do `jobs` and `dirs` run in command subsitution, process substitution, pipeline, and background jobs output the same as in original shell?How to redirect output to file to STDOUT?