[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LUKS-encrypted root and unencrypted /boot ?

From: Clément Lassieur
Subject: Re: LUKS-encrypted root and unencrypted /boot ?
Date: Sat, 04 Aug 2018 17:48:16 +0200
User-agent: mu4e 1.0; emacs 26.1

Benjamin Slade <address@hidden> writes:

> Thanks, Clément.

You're welcome!

>  > >  > Do you use Libreboot?
>  > >
>  > > Yes, I'm using Libreboot. Does this make a great difference over the
>  > > manufacturer firmware in this case?
>  > It might, because the GRUB used is the one shipped with Libreboot.
>  > So it has nothing to do with Guix.  I think talking to the libreboot
>  > people would help you more.  (Disclaimer: I have the same issue, I
>  > find that pressing 'c' and typing 'cryptomount ahci0,gpt3' makes the
>  > process faster.)
> Thanks, I'll look into that. For the moment I've just switched to having
> an unencrypted root and encrypted /home partition (where the swapfile
> also lives),

> ...which seems to me better from a security standpoint (I can
> use --iter 500, sha512, &c. without an issue).

But it's easier put a malware in an unencrypted root ;)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]