I have full disk encryption, and on boot I have text interface to insert encryption password to boot system and go to Grub.
How can I change (or maybe it can be implemented in the future by default) graphical version.
Similar to Ubuntu.
There is a system logo or wallpaper with field for password. It looks much better than just ugly text mode, especially on modern laptop.
And the second question is how can I encrypt only home folder? Other installers have this option to choose, maybe it is worth to add this also to allow user choose if they want full disc encryption or only home folder.
I followed few tutorials from web like this one https://www.raeder.technology/post/encrypt-home-directory and every time when I finish the process (without any errors) and login to check if it works, it doesnât allow me to login. I did the same on Ubuntu (heh I am switching from Debian/Ubuntu, to Arch based distro) and it works fine. After command ecryptfs-migrate-home -u user I can login to that account, check passphrase and cleanup, but not in Endeavouros, probably I am missing something. Any suggestions? Or did someone encrypt home folder and can share steps? Maybe I should choose something else than ecryptfs.
None of the Arch based distros has a system logo when loading at any point.
I would generally urge people not to follow direct tutorials. They are almost never Arch based, and almost always donât work for people. Please lookup information either here or on the Arch wiki.
You may want to start here as this looks promising. I donât do encryption, so I canât really help much beyond that.
The option to encrypt only home is there but calamares offers only the option to encrypt partitions so you need to choose manual partitions and create a separate /home partition what can be encryptedâŚ
Including a nicer unlock screen would be nice⌠but this is very hard to get working, if you find a solution or have any info/hint/link share it
yeah I even created few themes for Plymouth in the past so if this is the same solution in Arch I think I will manage to create something and share here once done.
@hoek , it will be nice if you make an EndeavourOS plymouth theme. I have an encrypted partition and i will be happy to change this actual command-line password request to an EOS one
If your boot partition is encrypted (as part of a full disk encrypted setup), at this early stage in the boot process, there is only grub to unlock the drive to get to the initramfs and kernel. So AFAIK, no, thereâs no way for plymouth to inject itself before the actual filesystem is unlocked and therefore no way around grubâs textual password prompt.
However, in case of an unencrypted /boot, things can be set up differently.
Hmm, not so sure, my Ubuntu machine with full disk encryption has graphical interface and I can switch it from text to graphical mode. I modified the plymounth files myself and switched these modes. Unfortunately, I donât have time in a week to check the current distribution, so I canât fully confirm or deny it. Certainly, when I get to it and analyze it, I will say something more, but I guess full disk encryption in Ubuntu works the same as in Arch so it is solved somehow.
I think Ubuntu doesnât have full disk encryption by default (as a selection in its installer), or at least it was necessary to work on it a couple of years ago:
Your Ubuntu /boot partition is unencrypted! So itâs not really âfull disk encryptionâ.
Calamares (the installer) encrypts /boot by default. If you really need a prertty interface youâll need to set up the encryption manually and leave /boot unencrypted.
Make sense. I found a few minutes and tried to configure it, but right, no image if /boot is encrypted. It looks like too many variables to make it works for everyone
Especially that there are different plymouth options to set up for encrypted and not encrypted drives.
No one will rearrange partitions just to get a nice logo, what a pity. But following this one https://wiki.archlinux.org/title/plymouth with no /boot encrypted it is possible.
I think I will stay for a longer with PopOS/Ubuntu/Debian and use Endeavouros just on virtual machine for testing. I am too old and too lazy to setup everything that works out of the box in other distros but I like Arch for rolling releases stability and AUR repository, this is something I am missing in âotherâ distros also Community repo looks more fresh in compare to others. Last but not least Endeavouros makes a lot in enabling people like me to make it easier and speed up many things, the community also looks committed.