diff options
author | Guilhem Moulin <guilhem@debian.org> | 2019-07-03 02:11:05 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@debian.org> | 2019-07-03 02:26:47 +0200 |
commit | 81b17fbdefd180f4bf639a3b0d2983143b048771 (patch) | |
tree | 6988cbf574157acc2e4e1a01279f3f0df7c1fe53 /en/using-d-i/modules | |
parent | b403b693913471d4f1e38e0c0d76f1a99fa0308c (diff) | |
download | installation-guide-81b17fbdefd180f4bf639a3b0d2983143b048771.zip |
Add link to a guide/document for encrypted /boot
Namely https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.html ,
maintained by the Debian cryptsetup packaging team.
Cf. #927165
Diffstat (limited to 'en/using-d-i/modules')
-rw-r--r-- | en/using-d-i/modules/partman-crypto.xml | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/en/using-d-i/modules/partman-crypto.xml b/en/using-d-i/modules/partman-crypto.xml index 26e14b85d..ee3cd9554 100644 --- a/en/using-d-i/modules/partman-crypto.xml +++ b/en/using-d-i/modules/partman-crypto.xml @@ -25,10 +25,13 @@ be of interest. For example <filename>/var</filename> where database servers, mail servers or print servers store their data, or <filename>/tmp</filename> which is used by various programs to store potentially interesting temporary files. Some people may even want to -encrypt their whole system. The only exception is -the <filename>/boot</filename> partition which must remain -unencrypted, because currently there is no way to load the kernel from -an encrypted partition. +encrypt their whole system. Generally the only exception here is the +<filename>/boot</filename> partition which must remain unencrypted, +because historically there was no way to load the kernel from an encrypted +partition. (GRUB is now able to do that, but &d-i; currently lacks native +support for encrypted <filename>/boot</filename>. The setup is therefore +covered in a +<ulink url="https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.html">separate document</ulink>.) </para><note><para> |