This is my disk layout:

500 GB Linux - BTRFS

100 GB Windows - NTFS

400 GB Storage - NTFS (shared between linux and windows)

I want to encrypt everything. For Linux I can use luks2 but what I’m supposed to do for Windows ? (No bitlocker please)

Will veracrypt replace refind boot manager?

Note: I am talking about the one that asks password before boot (full encryption)

  • Maiq@lemy.lol
    link
    fedilink
    arrow-up
    3
    ·
    2 months ago

    My explanation above just gives the illusion of entire computer encryption.

    Say you have a separate hd for each OS. Each with bootloaders on their drives. To bypass grub running luksopen you can boot directly into windows in the bios, in this instance the windows bootloader will be used to load windows. However if your bios is set to boot your Linux HD and grub has successfully found your windows drive and created a boot entry for it, it should be selectable after luks decryption. This can give the illusion that windows is encrypted while not really being so to an advanced user. There is nothing preventing you from mounting windows as its not really encrypted, just the way grub loads Luks before OS selecton. If I remember correctly systemd-boot loads OS selection before luksopen giving no appearance of encryption till after your OS selection, you should be able to boot windows without the false sense of drive decryption.

    • gpstarmanOP
      link
      fedilink
      arrow-up
      2
      ·
      2 months ago

      So, it’s not possible on rEFInd too, right? Similiar to systemd-boot?

      I like rEFInd’s appearance but it seems that grub2 has lots of tech support also theming (still will prefer rEFInd for looks)