I installed endeavour os using manual partitioning in calamares, encrypted only / and left boot unecrypted.
The computer works fine but I have noticed that it only asks me 3 times for a correct password if I didn’t input a correct password in these 3 times, it just fails to boot and I have to reboot and try again.
I had an arch linux encrypted install before this and it would ask me a correct password till I haven’t entered one, i guess it would go on and on for a correct password if an incorrect password was entered.
I want the same here.
Is there any way to do it?
I think you would either specify that in /etc/crypttab by adding tries=0 or if there is no entry in /etc/crypttab, on the kernel command line with rd.luks.options=tries=0
I hadn’t done such a thing on arch linux. It was automatically set to like that. Why isn’t it the case on eos?
Probably because you were using one of the mkinitcpio encryption hooks other than the systemd hook.
We are using systemd by default via dracut.
has it something to do with grub or systemd bootloader? I selected grub bootloader in the calamares installation though. I was using grub on arch linux as well.
With an unencrypted /boot, the should both work the same. In this case the initrd does the unlocking.
I mean is it the expected behavior in endeavor os that luks password is asked only 3 times and it fails afterwards keeping in mind that I have /boot unencrypted.
I have never tested it but that is probably the systemd default. Generally speaking, unlimited retries wouldn’t be a good default in my opinion from a security perspective. However, if you would prefer to change it on your system, go for it.