Re: Boot better have mounted on root or /boot ?
Greg Wooledge <greg@wooledge.org> wrote:
> On Thu, Apr 08, 2021 at 08:55:47AM +0800, Robbi Nespu wrote:
>> Filesystem Size Used Avail Use% Mounted on
>> /dev/sda1 110G 62G 43G 60% /
>>
>> What actually the best way for boot directory? put on same root directory
>> like I have right now or it better to have it own partition?
> The only time you *need* to make it a separate partition is when
> you're doing certain flavors of disk encryption. Under those setups,
> you need an unencrypted /boot so you can boot and mount your encrypted
> root file system.
Not even when doing FDE. GRUB2 is able to decipher LUKSv1 volumes.
But, given that LUKSv1 has been superceded by the newer v2 format, I
would still create a separate /boot, so only it needs to be encrypted
using the potential weaker LUKSv1 format while the rest of the system
can be on a LUKv2 volume.
https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.html
S°
--
Sigmentation fault. Core dumped.
Reply to: