How to get gui for disk decryption?

I want something similar to fedora, when you encrypt your root you get a nice "gui" (not really) with the fedora logo and a nice password field upon boot.

https://wiki.archlinux.org/title/Plymouth

But plymouth is very buggy and can cause a complete hang of the system at the boot and off stage. Check this: Plymouth boot screen bug

1 Like

Well, when it comes to encryption, the focus should be more on security than aesthetics (especially if that would be limited to an initial screen, something that you see only for a few second a-day).
I don't know of any such package, but maybe there is something...

1 Like

For that to work you need an unencrpyted /boot such as Fedora has. However, separating out /boot will make rebooting into a snapshot much less practical since the kernel and initramfs will no longer be part of your snapshot. This means that if you restore a snapshot with a different kernel version you will also have to chroot in and re-install the kernel version which matches your modules.

In this case, you need to choose between the aesthetics and the functionality of easy snapshot recovery and decide which you want to prioritize more.

There is a slight increase in security by having an encrypted /boot but it isn't something everyone will care about. Basically your initramfs becomes unencrypted which lets a sophisticated attacker with physical access to your machine gain access to information about your system. They can then use this information to aid in an attack against the encryption.

6 Likes

Well, I suppose I can live without it. Thanks!

3 Likes

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.