On Tue, Dec 29, 2015 at 4:34 PM, Hans <li...@interworld.net.au> wrote: > > Is it possible to fully encrypt a Gentoo system as can be done with Fedora, > Suse, Arch Linux, Debian and Ubunto without using a unencrypted USB boot > stick or unencrypted /boot partition? >
I'm pretty sure grub can support LUKS. See for example: https://wiki.archlinux.org/index.php/GRUB#Boot_partition If you have instructions for Arch the same instructions would probably work almost without modification on Gentoo. Since both distros tend to follow upstream they tend to be very similar. Neither uses a lot of auto-magic configuration as far as I'm aware. > If yes, where can I find instructions that really work on a BIOS only box > without UEFI, EFI, systemd using EXT4 file system? There is a doc on the Wiki, though I haven't used it myself: https://wiki.gentoo.org/wiki/DM-Crypt_LUKS I'd recommend using dracut in general for your initramfs. It seems to be the most robust and cross-platform option out there. Otherwise I'd probably follow the Arch instructions and adapt as necessary. -- Rich
