+- PINE64 (https://forum.pine64.org)
+-- Forum: Pinebook Pro (https://forum.pine64.org/forumdisplay.php?fid=111)
+--- Forum: Linux on Pinebook Pro (https://forum.pine64.org/forumdisplay.php?fid=114)
+--- Thread: Manjaro with Full Disk Encryption and GRUB (/showthread.php?tid=16061)
Manjaro with Full Disk Encryption and GRUB - dumetrulo - 02-11-2022
Hi folks! I have a working install of Manjaro Sway on eMMC (and Tow-Boot on SPI), and want to 'reform' it into a setup with full FDE (as much as possible). To do this, I did the following so far:
- Created a USB drive with one ESP and one LUKS partition
- Created LVM swap and root partitions inside LUKS volume
- Copied working system from eMMC to USB drive
- Used manjaro-chroot to install GRUB
This USB drive can now boot from GRUB, and prompts for the LUKS password. After entering it, it takes about 3 minutes to unlock the key, then drops me at the GRUB prompt. It appears that there are no menu entries at all.
Any ideas on how to continue? And on a related note, any ideas on how to speed up the cores in GRUB so that it unlocks the key faster?
RE: Manjaro with Full Disk Encryption and GRUB - frankkinney - 02-02-2024
(02-11-2022, 04:21 PM)dumetrulo Wrote: Hi folks! I have a working install of Manjaro Sway on eMMC (and Tow-Boot on SPI), and want to 'reform' it into a setup with full FDE (as much as possible). To do this, I did the following so far:
- Created a USB drive with one ESP and one LUKS partition
- Created LVM swap and root partitions inside LUKS volume
- Copied working system from eMMC to USB drive
- Used manjaro-chroot to install GRUB
This USB drive can now boot from GRUB, and prompts for the LUKS password. After entering it, it takes about 3 minutes to unlock the key, then drops me at the GRUB prompt. It appears that there are no menu entries at all.
Any ideas on how to continue? And on a related note, any ideas on how to speed up the cores in GRUB so that it unlocks the key faster?
I thinkĀ if you have a TPM (Trusted Platform Module) chip on your system, you might be able to configure it to store the encryption key, which can speed up the unlocking process.