elover Apprentice
![Apprentice Apprentice](/images/ranks/rank_rect_2.gif)
Joined: 20 Nov 2019 Posts: 160 Location: Spain
|
Posted: Sat Jul 06, 2024 12:01 pm Post subject: What would be the correct way to make an encrypted installat |
|
|
What would be the correct way to make an encrypted installation?
I currently have five SDD of different size, I don't know whether to do linear raid, or a LVM set with luks, three volumes root, home and swap.
The root would use btrfs, the home xfs, but now I don't know which luks to use, one or two?
I would also like to use secure boot, I can't decide whether to use systemd Openrc as init, I have used sbctl and I have had no problems, now I don't know if activating module signing, I can have video with nvidia or they sign with sbct, I have no idea.
If I use a fido2 key or smart card I understand that I have to use systemd? the manufacturer has a guide with fido2 + pin, is it possible to use instead of pin the fingerprint?
I currently have five SDD of different size, I don't know whether to do linear raid, or a LVM set with luks, three volumes root, home and swap.
The root would use btrfs, the home xfs, but now I don't know which luks to use, one or two?
I would also like to use secure boot, I can't decide whether to use systemd Openrc as init, I have used sbctl and I have had no problems, now I don't know if activating module signing, I can have video with nvidia or they sign with sbct, I have no idea.
If I use a fido2 key or smart card I understand that I have to use systemd? the manufacturer has a guide with fido2 + pin, is it possible to use instead of pin the fingerprint?
Finally, do I have to activate the uki, refind, dracut and modules-sign flags? |
|