elover
Apprentice
Joined: 20 Nov 2019
Posts: 160
Location: Spain
|
 Posted: Sat Jul 06, 2024 12:01 pm Post subject: What would be the correct way to make an encrypted installat |
 |
|
What would be the correct way to make an encrypted installation?
I currently have five SDD of different size, I don't know whether to do linear raid, or a LVM set with luks, three volumes root, home and swap.
The root would use btrfs, the home xfs, but now I don't know which luks to use, one or two?
I would also like to use secure boot, I can't decide whether to use systemd Openrc as init, I have used sbctl and I have had no problems, now I don't know if activating module signing, I can have video with nvidia or they sign with sbct, I have no idea.
If I use a fido2 key or smart card I understand that I have to use systemd? the manufacturer has a guide with fido2 + pin, is it possible to use instead of pin the fingerprint?
I currently have five SDD of different size, I don't know whether to do linear raid, or a LVM set with luks, three volumes root, home and swap.
The root would use btrfs, the home xfs, but now I don't know which luks to use, one or two?
I would also like to use secure boot, I can't decide whether to use systemd Openrc as init, I have used sbctl and I have had no problems, now I don't know if activating module signing, I can have video with nvidia or they sign with sbct, I have no idea.
If I use a fido2 key or smart card I understand that I have to use systemd? the manufacturer has a guide with fido2 + pin, is it possible to use instead of pin the fingerprint?
Finally, do I have to activate the uki, refind, dracut and modules-sign flags? |
|
Installing Gentoo
