On Tue, Mar 28, 2023 at 2:17 PM Carlos E. R. <robin.listas@telefonica.net> wrote:
On 2023-03-28 13:11, Andrei Borzenkov wrote:
On Tue, Mar 28, 2023 at 1:42 PM Carlos E. R. <> wrote:
Hi,
new laptop here, and I decided to install Leap 15.4 with full disk encryption, no LVM (a feature I wanted to have for years, so I'm happy).
It asks for the password twice (contrary to my customs, I'm using plymouth).
It asks once before grub loads. Well, ok, there is no separate /boot, so it has to read "/" which is encrypted. Nice.
But after selecting the boot entry in grub, it asks again. Once, despite being 3 partitions ("/", "/boot" and swap). Ok.
---------************************************
Is there some way to make it ask only once? I guess not, but perhaps I'm wrong.
You did not describe how many partitions are encrypted or whether you are using the same passphrase for all of them or not.
See the underline :-)
Read your sentence above the underline and tell me where you see anything about "three *encrypted* partitions". The only vague hint was about root being encrypted.
But I made a mistake, it is "/", "/home" and swap.
Yes, of course I am using the same password for all 3.
Not sure why it is "of course", for me it is "of course" to use different passwords. The first password request comes from grub, the second password request comes from the booted system (initrd). There is only one request because plymouth caches the first password and attempts to reuse it later for other requests. This is known for years and I am really surprised you are asking about it now. Tumbleweed grub2 has patches to forward passphrase to initrd, but it only works for the root partition, you still need to unlock other partitions. To avoid second password prompt you could add a second key to your LUKS partitions and store it on disk (key for root needs to additionally be included in initrd). This has been asked and answered dozens of times, you certainly can find an explanation how to do it.