Y
Hacker News
new
|
ask
|
show
|
jobs
by
halz
1972 days ago
Chances are theres an EFI partition thats still unencrypted, too! This is where secureboot/tboot has its chance to shine.
1 comments
mnd999
1972 days ago
Indeed. LUKS key on tpm2 with secure boot with /boot on encrypted seems anything but easy to setup. I also complicate things by making everything apart from efi on zfs.
link