-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 21/03/15 07:49, Beni Keller wrote: > Hey all, > > I followed this tutorial to get Trisquel on full disc encryption: > > http://libreboot.org/docs/gnulinux/encrypted_trisquel.html > > The problem now was that every time I boot I had to enter three > passwords. The Grub password first and then twice the encryption > password. So to reduce this to two passwords, I figured I don't > have to password protect the Grub entry that boots Trisquel on the > encrypted partition, since password protection should only keep > someone from booting my laptop from usb. So I edited the menu entry > in grub.cfg like this: > > > menuentry 'Load Operating System' --unrestricted { ... > > > So my question: Is there a reason this isn't included in the > tutorial? Did I somehow weaken the security of my system doing > this? If so, what's the possible attack that's prevented by > password protecting every grub entry? > > Thanks, > > Beni > Press E on that menuentry, then modify stuff, and press F10. Does it work without entering a password? If so, then someone could boot USB. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJVPWoTAAoJEP9Ft0z50c+UPaYIAKdycgqtmXypTRC0sEkMWq/y nuuDpBQclew40TV6ZA+8k5wZcmAyQLukVZ1XfiKBqLbWCWcM3d+KPTDQjniIBq3Z fA5mj7VElEmD8HYszxo7MKVuVmzmizq+MBBpeHPEkG5H71SZLPipCyGTw9W+ZQm3 mp1UzgKCleAB69yo5V4D6u3HoTtzPmn161tUhPaUReqp428HWUktLYsr86QWt+SU lfrs3WIRS75hqUGku7duvHgMJvfpDItiCNxes+x3ylNTM4gP8dUmse/blrdia/oj hD4OM2oi9GxZOZGu/H5GrnZvMsQo6KfOZbYsjjnLNWx/9UiEvLEC39ppcAr+M98= =/4cv -----END PGP SIGNATURE-----
