Yes, I can do so for example with Dell XPS 13-9370 ultrabook. Ubuntu was preinstalled on it from fabric. I sliced up the disk and installed Leap and Slowroll via Grub in a multiboot setup via Grub. For one or another reason, when I upgrade Ubuntu, the Grub menu disappears, and I have to enter boot and select openSUSE secure boot, and then run YaST bootloader that upgrade Grub to include Ubuntu again.
I forgot to ask what is the minimum hardware requirement for Aeon Desktop?
And what is the reason for the Aeon time glass icon that appears at the bottom of the Tumbleweed login screen? Is there some connection with the Aeon-release package?
The Aeon Desktop tik installer is currently not capable to find or recognize an usb3 connected, portable disk. The select disk menu shows just ata and nvme internal disks. On the other hand Aeon’s File manager app on the usb stick did list also the usb3 connected portable disk.
As an additional test I therefore prepared the Seagate Expansion 2TB usb3 disk and and found that the Tumbleweed installer had no problems to use it. Not that fast, but ok for testing.
I will file a bug/rfe to aeondesktop .org about this.
I boot via BIOS to select the ready made Aeon usb stick yes and want to install Aeon on a 2TB portable usb3 connected disk. But the installation’s Select disk menu only show the internal ata and nvme disks in use.
And yes, I read Aeon doesn’t support grub, but was curious to see if the restored multi-boot grub menu afterwards might embrace also Aeon, in a similar way like Windows + Linux ?
If not, the boot disk can always be selected from BIOS.
You were right, it was quickly refused as follows:
This is not a bug The installer explicitly filters out USB devices because Aeon pairs its FDE encryption keys with your systems TPM this rules out using Aeon on portable devices and the installer reflects yay The installer has a config option to force it to allow USB installations but I won’t explicitly detail that here as it’s not supported for Aeon Closing bug as invalid
I don’t know what “Aeon pairs its FDE encryption keys with your systems TPM” mean, but at least it seems that Aeon requires a dedicated internal disk in a machine to be installed on?
If Aeon then allows and can live beside other distributions on other internal disks, or preferably can be embraced by the grub2 boot menu afterwards, yet have to be found out.
I think this is the main blocking for many to test Aeon Desktop easily.
Also “my better halph” has an old Samsung Chromebook I had hoped Aeon could be tested on.
@terjejh The F(ull) D(isk) E(ncrytion) of your install medium pairs with the system chip called T(rusted) P(latform) M(odule) and P(latform) C(onfiguration) R(egisters) of the current software state on your system.
A snapshot so to speak, so if anything changes it will alert you so you can investigate and if all OK, likely need to re-enroll the system keys if you are happy.
See https://en.opensuse.org/Portal:Aeon/Encryption
Well Aeon uses systemd-boot, not grub, so not sure how that would work, again it’s not supported. You really need a standalone system with TPM 2.0 >= 1.38 to get the full benefit…
Edit: Run tpm2_getcap properties-fixed | grep TPM2_PT_REVISION -A2
@malcolmlewis Thanks for the command tip. My newest AlderLake based machine output TPM2_PT_REVISION value 1.38. On the older SkyLake (2015) and KabyLake (2017) the output contained only ERROR messages. So maybe on a later occasion I can get an extra SSD device built in to test the Aeon Desktop, but let it be for now.
Any chanche that the Aeon DT “Environment” (Look & Feel) might be another desktop option like Gnome, KDE, Xfce during a Tumbleweed installation?
I tested the Aeon usb boot stick in my 2015 Skylake/MSI-Z170A-Pro machine and the installer listed the internal disks. As I already had an extra SATA 6 SSD 512GB available, I built it into this machine for the Aeon installation.
The Aeon installer listed and accepted this as an internal disk for installation. It claimed first about missing TPM 2.0, as I didn’t (initially) succeed to enable this in the BIOS setting. But I could install using the fallback mode and set a root password to access the disk for logon.
By the way, Aeon installed ok and I simply tested to add install a few applications from the app center. It was a bit fun to recognize this from the usual Gnome/openSUSE.
Afterwards I tried to enable and switch to TPM 2.0/1.2 in BIOS. But still I was not able to use `tpm2_getcap in openSUSE to get the TPM 2.0 version (same errors as first time).
Default after the Aeon installation, the Aeon bootloader loaded and asked for the root password for logon. I had to use the F11 key to get the BIOS boot disk to boot and logon Slowroll again, and from there tried to update Grub from the YaST 2 boot loader.
But the Grub menu didnt’ include the Aeon boot loader, which still was the default at reboot.
But I was able via F11 to change the BIOS UEFI boot disk priority back to UEFI Secure openSUSE, so that the Grub menu is the default startup again. It is acceptable to use F11 to select the Aeon boot disk.
I think for Linux users who are used to play with two or multiple distributions and even with Windows on their machines, the most important is that Aeon even it require a whole single disk, doesn need to own the whole machine alone.
So even it would be easier to be able to load also Aeon from Grub, it is not a big deal, as far as Grub or Aeon optional can be selected as the default boot and the other from system boot disk.
That would be something you would need to take up with the Aeon developers. I don’t know that any of them monitor the forums. Most of their discussion happens on telegram.
That being said, there are technical reasons, that Aeon doesn’t support grub2 and/or dual(multiboot) Which I’m not really confident enough to explain, and know that I wasn’t screwing something up.
Theoretically systemd-boot (or any Boot Loader Specification compliant bootloader like grub2-bls) has inherent support for multiboot and does not need any papering over using os-prober. The practical problem is, systemd-boot only enumerates loader entries on ESP. As long as Aeon installer does not allow choosing the partition for /boot/efi, it still means it will be invisible to another systemd-boot instance on another disk.
The situation is similar to Windows. The usual recommendation for years was to install Windows first, before other operating system, because Windows claimed storage for itself. I am pretty sure that installing Aeon first and then installing any conventional Linux distribution with systemd-boot reusing the existing ESP will give the working multiboot configuration. Automatic LUKS2 unlock using TPM2 will still be flakey (during bootloader update measurements will be refreshed in one distribution only). But that is more or less similar to what we have now with os-prober and kernel updates.
I believe, systemd-boot can now even boot Windows (it detects if BCD and Windows bootloader are present), although here is the catch - we have two operating systems each assuming it is the sole owner of all available resources, so sharing ESP between them is a challenge.
Possibly, but I can tell you that such a system would be considered “ineligible for support” from the Aeon developers.
There are many things that somebody “can do” with a system, and being as this is FOSS software, you’re certainly free to do so. There is no obligation for A) Developers to enable you to do so, or B) Support unintended usecases, if you do choose to do so.