If you want to preserve other OS and setup encrypted partitions by hand, you can do so, since forever using the mini.iso d-i installer, and install ubuntu-desktop task.
yes unencrypted /boot is currently a limitation with grub, but you can use sicherboot package to boot UEFI based systems securely without /boot, as that ensure the bootloader, kernel, initramfs are all in the UEFI partition, signed and booted with secureboot. none of that is typical for a desktop installer, nor is easy to explain in the UI. And things like above is adequatly easy to setup using the mini.iso and additional packages. For a mass-install corporate environment, I would expect internal sysadmins to either prepare d-i preseeds or custom golden images to deploy machines with such a sophisticated setup. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1773457 Title: Full-system encryption needs to be supported out-of-the-box including /boot and should not delete other installed systems To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub/+bug/1773457/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
