Comment 0 for bug 1773457
Revision history for this message
| Paddy Landau (paddy-landau) wrote Full-system encryption needs to be supported out-of-the-box | #0 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0f7b58d
(Get the code!)
In today's world, especially with the likes of the EU's GDPR and the many security fails, Ubuntu installer needs to support full-system encryption out of the box.
This means encrypting not only /home but also both root and /boot. The only parts of the system that wouldn't be encrypted are the EFI partition and the initial Grub bootloader, for obvious reasons.
Using LUKS and LVM, it is already possible...
https:/
... but with one major limitation: Grub is incorrectly changed after an update affecting the kernel or Grub, so that a manual Grub update is required each time this happens (this is fully covered in the linked instructions).
If the incorrect Grub change is fixed, it should be (relatively) simple to support full-system encryption in the installer.