Kairos offers the ability to encrypt user data partitions with LUKS. User-data partitions are dedicated to persist data for a running system, stored separately from the OS images. This encryption mechanism can also be used to encrypt additional partitions created during the installation process. Kairos supports the following encryption scenarios: Offline mode - Encryption key for partitions is stored on the machine inside the TPM chip. Online mode (Automated) - Keypair used to encrypt the par...
