Bug 1198583 - Fix full disk encryption
Fix full disk encryption
Status: NEW
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Basesystem
Current
Other Other
: P5 - None : Normal (vote)
: ---
Assigned To: Ludwig Nussel
E-mail List
:
Depends on: 1198599 1198618 1198621 1198684 1198586 1198681
Blocks: 1165830
  Show dependency treegraph
 
Reported: 2022-04-19 07:42 UTC by Ludwig Nussel
Modified: 2022-04-20 08:20 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ludwig Nussel 2022-04-19 07:42:29 UTC
Full disk encryption starting from 15 on sucks. Prompting for the passphrase twice is an unacceptable annoyance but also technically the situation is not satisfactory.
Eg relying on grub to unlock the encrypted volume hinders eg adoption of LUKS2 with Argon2 or hardware token support.
So let's find a solution that works better technically and usability wise.

See also
https://0pointer.net/blog/authenticated-boot-and-disk-encryption-on-linux.html