But even if this is the case, your root and home partition will still be encrypted. The BIOS will be also protected by a password, otherwise UEFI secure boot can be disabled. After that, you will be asked to unlock the root and home partition with a password and your YubiKey device (2FA). The disk partitions will look similar like above and the GRUB boot loader will ask you to unlock the boot partition with a password. You need an USB stick for the Linux Live environment and a second computer would be useful for look ups and to read this guide while preparing your fully encrypted Linux. You should be familiar with Linux and you should be able to edit files with vi/vim.
YubiKey encrypted root ( /) and home ( /home) folder on separated partitions.but none contains a step-by-step guide to get the following things done. There exists a plenty bunch of tutorials. This guide should help to get it done in some hours (hopefully). It took me several days to figure out how to set up a fully encrypted machine with 2FA. If you complete this guide, you will have an encrypted root and home partition with YubiKey two factor authentication, an encrypted boot partition and UFEI secure boot enabled. I've created a full disk encryption setup guide.
0 kommentar(er)
