Bug#1027692: installation-reports: successful with some wifi and encrypted /boot difficulties

[Vagrant Cascadian <vagrant@debian.org>]

On 2023-01-01, Vagrant Cascadian wrote:
> I tried manually partitioning to get an encrypted /boot partition, and
> that did not end up working really. It warned me about it, and I
> ignored the warnings. It did not give me a warning when I tried
> installing without a boot partition with LVM on a luks2 encrypted
> device. Managed to get it to work after the fact with an unencrypted
> /boot partition running d-i in rescue mode.
>
> Once it was booted, I managed to switch to an encrypted /boot after a
> few more false starts by creating a crypsetup device using luks1
> headers, probably with reduced security, but grub is able to actually
> decrypt luks1... process was something roughly along these lines...

Which is basically documented in:

  https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.html

Although may need updating for grub 2.06 having some support for luks2
now, though requires using only PBKDF2 and which is not the default in
cryptsetup. More research needed...

live well,
  vagrant