Full disk encryption currently requires each stage to gain knowledge of the keys independently, which means asking the user or bundling the key (in the initramfs).
In order to avoid the hassle, let's implement a key sharing mechanism so that GRUB can boot from an encrypted volume and pass it's keys to the OS.
Goal for this Hackweek
- Add support for appending GRUB's learned keys to an initramfs.
- Enable the early init environment to use said keys to mount the encrypted volumes.
No Hackers yet
Looking for hackers with the skills:
Nothing? Add some keywords!
This project is part of:
Hack Week 23
This project is one of its kind!