Dear Guix, I have a fully encrypted disk: it has an EFI partition where I install grub-efi-bootloader and the rest is a single-partition luks device (including the grub configuration /boot).
I also have another disk that I can partition however I want. I would like the other disk to store a key file to decrypt the main disk. Is this possible? I see in the manual that grub can be configured to load a CPIO archive containing the key, but from what I understand, the cpio archive must be in the root file system, which is encrypted in my case, so it does not appear to solve the issue. Or can I somehow instruct grub to load it from another disk? Best regards, Vivien
