Hello everyone, new Manjaro user here. I’m moving over from Debian, where I’ve spent the last 3 years.
For this new install, I thought I’d go with encryption, which I haven’t done before.
And since I am coming across a lot of contradictory information on how feasible FDE is with Manjaro Architect, I thought I’d ask some clarification here.
I actually already tested a Manjaro Architect install, following this great LVM on LUKS Tutorial. Everything worked out great; M-A is a really wonderful installer.
However, this tutorial leaves the boot partition unencrypted, meaning it is not really Full Disk Encryption. Because everything went so smoothly with M-A, I find myself getting greedier and wanting it all.
I wanna ‘fix’ this last flaw in my installation, especially since I’ll be on it for years, and changing it later is only going to be more difficult/risky.
The Archwiki Grub page seems to suggest I can still encrypt the boot partition and reinstall grub on my installed system, or am I misunderstanding this? Maybe it’s easier to just redo the M-A install and put the boot partition inside LVM on LUKS? Or maybe neither of these is a good idea and I should just not bother with Full Disk Encryption at this point? I hear the next GRUB release 2.06 will provide LUKS 2 support, which will likely improve on this tricky situation … Any thoughts?