Re: Full disk encryption (including /boot) Luks2+argon2 ( No Libreboot )
Reply #29 –
Hello. Yes, I was wrong, I admit it))
Once I’ve done everything, I’ll write about the result. As for entering the password twice, I understand how to solve this.
login:root
passwd *****
# dd bs=512 count=4 if=/dev/urandom of=/crypto_keyfile.bin
# cryptsetup luksAddKey /dev/sda2 /crypto_keyfile.bin
Even root doesn't need to access this
# chmod 000 /crypto_keyfile.bin
# nano /etc/mkinitcpio.conf
find the inscription "FILE" in the file add /crypto_keyfile.bin
FILES="/crypto_keyfile.bin"
# mkinitcpio -p linux-hardened
Tell me please, is it possible to build and install Grub with argon2id support for BIOS?