On 2 January 2016 12:01:08 GMT+00:00, Frank Steinmetzger <war...@gmx.de> wrote: > On Wed, Dec 30, 2015 at 08:22:22PM -0500, Alex Corkwell wrote: > > On Wed, Dec 30, 2015 at 07:34:52AM +1000, Hans wrote: > > > Hi, > > > > > > Is it possible to fully encrypt a Gentoo system as can be done > with > > > Fedora, Suse, Arch Linux, Debian and Ubunto without using a > unencrypted > > > USB boot stick or unencrypted /boot partition? > > > > > > If yes, where can I find instructions that really work on a BIOS > only > > > box without UEFI, EFI, systemd using EXT4 file system? > > > > > > Hans > > > > I can confirm that it's entirely possible, as I've managed to do it > with > > my laptop. > > I don't remember exactly how I did everything, but here are the main > > points of my setup. > > […] > > Thank you very much for this documentation. I was about to start a > thread > with this topic myself because I’m in the market for a new laptop > before too > soon. But Hans beat me to it. > Since I will install an after-market SSD in it, I want to encrypt > everything. With a little luck, your information is all I need. I will > practice it in a VM. > > @Neil: > you seem to know your way around booting with EFI. I don’t suppose you > could > add your mustard (as we say here-abouts) regarding booting an > encrypted > system with an EFI bootloader. I was hoping to quicken my boot > procedure > because Grub seems slow to load and I find its UI to be not very > responsive. > > Cheers > -- > Gruß | Greetings | Qapla’ > Please do not share anything from, with or about me on any social > network. > > You can’t fire me, slaves must be sold.
I use systemd's version of gummiboot with /boot on the ESP. Everything else is on a single btrfs filesystem, on a luks-encrypted partition and dracut takes care of everything. I don't have my laptop with me, but I'll post the dracut options I use later. -- Sent from my Android phone with K-9 Mail. Please excuse my brevity.