My Linux installation is encrypted but boots without a password. Here's how that works.
I'm now the proud owner of a Crypto Stick, an OpenPGP smartcard implementation in USB stick form. It is apparently capable of generating and using 4096-bit keys, but GnuPG has a limit of 3072 bits (quick tests and git master show this is still the case). Fixing this doesn't sound that hard, from that message; I'll be taking a look at this when I get time and energy. Given my track record on getting time and energy to do such things, don't let that stop anyone else from working on it. :-)