DCS EFI Bootloader

While encrypting system partition it is strongly recommended to create a rescue USB drive with the DCS EFI bootloader. This will allow you to gain access to data in case of any emergency (being unable to boot the system), and also allows for partition encryption and decryption operations to be performed.

DCS EFI Bootloader Overview

The DCS (Disk Cryptography Services) EFI bootloader is a modern UEFI-based boot solution for booting operating systems from encrypted partitions on systems with EFI firmware. Unlike the legacy MBR bootloader, DCS operates in the EFI environment, providing enhanced security features and compatibility with modern hardware.

The DCS bootloader supports:

• Secure Boot - Compatible with UEFI Secure Boot when used with an appropriate shim
• PXE Boot - Network boot support for enterprise deployments
  
• Multiple Random Generators - RDRAND, TPM, HMAC SHA512, and OpenSSL
  
• Full Disk Encryption - Encrypt entire disks including the EFI System Partition (ESP)

Technical Reference

File Paths

All DCS tools and configurations are stored under:

EFI\DCS\

This includes:

• DcsBoot.efi - Bootloader binary
• DcsProp - Configuration properties
• Additional support files and drivers

Command Reference

See Console Version Commands for detailed command syntax and options.