Linux

46775 readers

1875 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

[email protected]

Any way to autologin with LUKS encrypted boot drive? (lemmy.ml)

submitted 3 months ago* (last edited 3 months ago) by [email protected] to c/[email protected]

19 comments fedilink hide all child comments

Hello everyone!

I daily drive a Nobara install with my main drive being an LUKS encrypted M.2 drive. Every time I boot my computer I get presented with the password prompt to unlock the drive and afterwards get prompted with my login manager to login.

Is there any way to combine these steps into a single prompt? It is starting to get a bit annoying having two steps every time I boot.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 3 months ago (1 children)

What OP is asking is trivial to setup on linux though. Just setup autologin on your login manager which is probably a single checkbox.

Your issue is different because you want biometric login. LUKS encryption only supports passwords, keyfiles and hardware keys (they are kinda goofy though). So you have to use the login manager which supports biometrics. But if you want full disk encryption, you first need to decrypt the hard drive. This can be done by storing the decryption key in the TPM part of your processor. That obviously means that someone with electron microscope could steal your data if they stole your computer. But if you don't care about that, it's a solution. On MacOS and and Windows it works nicely but on linux not so much. Ubuntu has TMP based encryption but it's currently experimental.

Alternative solution is to use Yubikey Bio (hardware key with fingerprint scanner) with LUKS but hardware keys are kinda goofy to setup.

Another is to not use Full disk encryption. You can just encrypt your home folder. Downside are that your cannot use hibernation and less robustness. For example once I accidentally typed my root password to the root shell and it therefore got written to /root/.bash_history which was not encrypted. (it's probably best to symlink it to /dev/null)

[–] [email protected] 1 points 3 months ago (1 children)

These are all great, but they are all workarounds, not solutions.

[–] [email protected] 1 points 3 months ago

What do you mean? The Ubuntu's TMP based encryption is the solution, it's just not stable yet.