Linux for many years as supported encrypting most partitions on your system, with the exception of /boot.
/boot contains the basic/initial BOOT configuration of your system... that means, by definition, it must be discernable---and thus cannot be encrypted.  Without an un-encrypted /boot partition, there isn't sufficient intelligence for the physical computer to get booted up.


From: Dave Johansen <davejohansen@gmail.com>
To: Community support for Fedora users <users@lists.fedoraproject.org>
Sent: Friday, July 31, 2015 11:28 AM
Subject: /boot and encrypted partitions?

I was luck enough to be bitten by this issue ( https://bugzilla.redhat.com/show_bug.cgi?id=1212907 ) when attempting to do a clean install of F22. I copied all of my data off and then tried manually setting things up as separate partitions (instead of in an LVM) but it kept telling me that /boot couldn't be on a LUKS partition. The config I had was /home was encrypted and / was encrypted but then the biosboot partition was not encrypted, and all 3 were standard partitions. Is this something that's just not supported? Or was I doing something wrong?
Thanks,
Dave

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org