Yes, it is slow. Grub is using BIOS services (or UEFI firmware services), and those tend to be slower.
I rarely get the passphrase wrong. When I do, I use CTRL-ALT-DEL to retry.
On my primary desktop, I do use a separate “/boot” and that avoids the problem. However, I am using “ext4” as the file system. With “btrfs” you might have a problem with restoring an older snapshot, because the kernel for the snapshot might not match what grub expects.
With a separate “/boot”, it won’t be part of the snapshot.
If “/boot” is part of the root partition, then it is not a subvolume, as I recall. However, “/boot/grub2/x86_64-efi” is a subvolume, so that grub itself is not part of the snapshot (and a similar directory if using BIOS booting instead of UEFI booting). So a rollback will roll back the kernel properly in that case.
Ok, thanks, that makes sense.
I fear I will have to live with the slow Grub decryption.
But that also makes dracut-crypt-ssh useless, in case remote booting an encrypted disk could be important
I think I will have to weigh the pros and cons per use case