"for i in 1; do" --- this does shorten shutdown/reboot time. (Beowulf included)
But, the question is: Does encrypted filesystem/partition/container in the end get proper unmount?
Because all those unmounting messages are ending with "failed".
am concerned that over time, some files may become corrupted without noticing.
Edit: This is beginning to be thread hijacking, so I'll not continue on here.
]]>Stopping remaining crypt disks...sdX_crypt(busy)
I have it on Beowulf.
I see it on MX Linux 18. (There it appears for very short moment, but it DOES appear)
Probably this is an issue on ALL debian/devuan distros.
Also,
If Your installation is on UEFI based machine, and I see it is, You can put GRUB into retirement and use EFISTUB.
echo GRUB_ENABLE_CRYPTODISK=y >> /etc/default/grub
Personally, I prefer to leave /boot unencrypted but to use signed kernels/initrd and check their signatures in GRUB before booting them.
]]>Explains how to set up Devuan with full disk encryption (including /boot) during system installation when using the netinst ISO image. (The netinst ISO uses debian-installer. The Live ISO uses Refracta, which can set up boot on an encrypted root partition without any manual work needed.)
The procedure explained here is done by entering shell and executing commands after everything has been installed but before user clicks "Finish installation".
The idea is that for the official/standard part of the installation, an unencrypted partition is created and /boot is placed on it.
Then after the installer is done installing files, user enters shell and moves boot files onto the main (encrypted) partition, and re-purposes the unencrypted /boot partition into an encrypted swap partition.
This way all goals are met (fully standard installation, with full disk encryption, and with swap, done in the same session as the installation).
]]>