I would like to have a system where, upon powering on, I am asked for a passphrase to decrypt the whole hard disk and, once the passphrase is entered, the hard disk is decrypted and I am redirected to GRUB, where I can select which operating system - Windows 10 or Debian 9 - I would like to use. Is this possible? If so, how?
Thanks in advance.
I'm pretty sure this is not practical because full disk decryption is handled by the OS (eg Bitlocker in Windows, LUKS in Linux - there is typically a small partition which is not encrypted and used to initiate the whole unlock process) - and it appears you want this to be done prior - ie prior to BIOS/UEFI handoff.
Probably the best you can do on a general/typical PC (which is not great) would be to have a data partition which is encrypted using cross-platform block device encryption like Veracrypt.
In some specific cases, you might be able to do something with Dislocker (ie a mechanism to access Bitlocker drives under Linux).
A more general approach which might work could be to select your primary OS, use the OS blessed Full Disk Encryption mechanism on that, then use virtualization to boot into your secondary OS which backs onto the -once booted- unencrypted block device of the primary OS.
