Encrypted Booting

boot, encryption, security

I want to boot Linux from the /boot partition, and I also want to encrypt this /boot partition.

[ AFAIK, Grub is unable to find the kernel and initrd from a truecrypted partition or a cryptsetup-encrypted boot partition. ]

Is there any way to do so?

Best Answer

Yes, using Grub2 you can do this: it has been patched to support not only AES, Twofish, Serpent and CAST5 encryption, but also a number of hashing routines such as SHA1, SHA256, SHA512, and RIPEMD160. There is also support for the LUKS on-disk encryption format.

Check out this xercestech post for a full manual walkthrough, but in a nutshell everything is encrypted except for the actual bootloader, which you could have on a USB stick if you really wanted to stay safe.

The LUKS patches to support grub are here.
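
Before pointing GRUB2 at an encrypted /boot, it helps to see which cipher and hash the LUKS volume actually uses, since the bootloader must implement both. The following is an added example, not code from the answer or from the GRUB or cryptsetup projects: it parses the fixed-layout start of a LUKS1 header and compares it with the algorithms the answer lists. The function names, the sample header and the allowed sets are assumptions made for illustration.

```python
import struct

LUKS_MAGIC = b"LUKS\xba\xbe"
# Algorithms the answer lists for the patched GRUB2; not an authoritative
# list for any particular GRUB release (assumption for this example).
GRUB_CIPHERS = {"aes", "twofish", "serpent", "cast5"}
GRUB_HASHES = {"sha1", "sha256", "sha512", "ripemd160"}
HEADER_FMT = ">6sH32s32s32sII"            # LUKS1 fields up to key-bytes
HEADER_LEN = struct.calcsize(HEADER_FMT)  # 112 bytes, big-endian, unpadded


def parse_luks1_header(blob):
    """Return cipher, mode, hash and key size from the start of a LUKS1 header."""
    if len(blob) < HEADER_LEN:
        raise ValueError("header too short")
    magic, version, cipher, mode, hash_spec, payload, key_bytes = \
        struct.unpack_from(HEADER_FMT, blob)
    if magic != LUKS_MAGIC:
        raise ValueError("not a LUKS volume (bad magic)")
    if version != 1:
        # LUKS2 stores these parameters in JSON metadata, not fixed offsets.
        raise ValueError("LUKS version %d not handled here" % version)
    text = lambda raw: raw.split(b"\0", 1)[0].decode("ascii")
    return {"cipher": text(cipher), "mode": text(mode), "hash": text(hash_spec),
            "payload_sector": payload, "key_bits": key_bytes * 8}


def grub_blockers(info):
    """List reasons the volume falls outside the algorithms the answer names."""
    problems = []
    if info["cipher"].lower() not in GRUB_CIPHERS:
        problems.append("cipher %s not in listed set" % info["cipher"])
    if info["hash"].lower() not in GRUB_HASHES:
        problems.append("hash %s not in listed set" % info["hash"])
    return problems


def sample_header(cipher, mode, hash_spec, key_bytes=64, version=1):
    """Build a constructed header prefix for offline testing (not real data)."""
    return struct.pack(HEADER_FMT, LUKS_MAGIC, version, cipher.encode(),
                       mode.encode(), hash_spec.encode(), 4096, key_bytes)


if __name__ == "__main__":
    for args in (("aes", "xts-plain64", "sha256"),
                 ("aes", "xts-plain64", "whirlpool")):
        info = parse_luks1_header(sample_header(*args))
        print(info, grub_blockers(info) or "ok")
```

To inspect a real volume, pass the first 112 bytes read from the partition device (root required); `cryptsetup luksDump` reports the same fields.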
