Web lists-archives.com

Re: [RFC] Passing luks passphrase from grub to systemd




Hi.

> as I'm stuck with a (non-EFI x86_64) system with encrypted root
> partition, I have to enter the passphrase twice (grub needs it for
> getting the kernel etc., systemd needs it for mounting the root
> partition). This can be quite inconvenient, especially if the passphrase
> is long and contains special characters, and grub assumes a different
> keyboard layout.

Just fill another LUKS slot with a randomly generated key file and add that 
file to your initramfs (which already resides on encrypted /boot, right?). If 
your distro cannot do that, you should probably fixing things there, not 
adding ugly hacks to the kernel.

Check how it is implemented in Arch, for instance [1]. I'm not sure whether 
this is currently possible with openSUSE, though.

Regards,
  Oleksandr

[1] https://klmlinks.wordpress.com/2016/03/