Encryption prompts of Slowroll vs Tumbleweed

Hey Linux-profs

I noticed that there are two different prompts for the encryption password.

I did with Tumbleweed and with Slowroll EXACTLY the same:

  • a full fresh new installation (up-to-date iso-files) with the guided installer
  • activating LVM with encryption
  • automated partitioning (no separate /home, just /root and /swap) and removing everything else (even when not needed).

=> it looks to me that both distros have the exact same installer.

And I noticed a difference when booting:

Tumbleweed boot:
Directly after pressing the on-button it prompts the input for typing the password for the encryption. The input appears in tiny font at the top left of the screen. There is NO showing of the Boot Manager. The typing of the password gives NO feedback at all.

Slowroll boot:
After pressing the on-button the Boot Manager appears (no graphics, just a list) and you need to choose the entry. After pressing enter a nice input field appears and below the input field it shows which language setting your keyboard is using (us, uk, etc.). The typing of the password gives very nice feedback with a dot per character.

QUESTION:
How do I modify my existing/running Tumbleweed to have that very nice input prompt feature of Slowroll?
Or would it be an easier way to do a new fresh installation of Slowroll and then modifying Slowroll to become Tumbleweed?
a) What is better/easier? b) And how can I do that?

Thanks for your help and feedback!

The difference is if /boot is encrypted or not. Tumbleweed (for now) defaults to encrypting /boot. Seems like Slowroll does not.

If you want to have the same as Slowroll, you would need to reinstall and change what you want in the Installer.

On what is better or not. Depends fully on your “use case”. For example I do encrypt my /boot on my laptop, but not on my desktop


Thanks for your feedback.
lsblk looks exactly the same with both distros.

type-part: /boot/efi
type-crypt: lvm: /root, /boot/grub2, /var, /opt, etc.

I see no difference…


Which bootloader is used in each case?

when I check in YAST2 > Boot loader then:

Tumbleweed = GRUB2 for EFI
Slowroll = GRUB2 with BLS

Is that the difference or responsible for the nice pw prompt?

Yes, it is.

Yes, and Tumbleweed will move in the future also to GRUB2-BLS at some point. Why Slowroll already moved to that, idk.

As I said in my last reply, with GRUB2-BLS there is no encrypted /boot (well, it doesn’t exist anymore). So that’s why we can show a nice graphical (hardware accelerated decryption) interface :) (also with systemd-boot if you are wondering)

Thanks to the hint of arvidjaar I did some more tests and it seems that it has nothing to do with the /boot partition (no matter if un- or encrypted).

So, if you want to change Tumbleweed from the poor default encryption prompt to the nice and fancy encryption prompt, then you can choose

Solution 1:

  1. do a standard guided installation & partition process and this auto process will lead to a sda divided in two parts
    a. sda1 not encrypted (/boot/efi)
    b. sda2 encrypted lvm (with subvolumes: system-root [/boot /var /usr /root /home , etc] and system-swap)
  2. the Tumbleweed installation process does NOT select the correct boot loader automatically, so at the very end of the installation set-up you need to change the boot loader from “GRUB2 for EFI” to “GRUB2 with BLS” (with “Secure Boot Support” and “Update NVRAM”, MBR flag = remove)

That’s it. It works all fine and you have the fancy & nice encryption prompt.

Solution 2 (if you do not like LVM):

  1. within your installation process of Tumbleweed choose to manually partition your disc. Go to “Expert Partitioning”.
  2. follow the instructions here. Be aware that you should remove the /boot partitions manually and notice that LVM is not needed anymore.
  3. the Tumbleweed installation process does NOT select the correct boot loader automatically, so at the very end of the installation set-up you need to change the boot loader from “GRUB2 for EFI” to “GRUB2 with BLS” (with “Secure Boot Support” and “Update NVRAM”, MBR flag = remove)

That’s it (and it works also without a TPM). It’s all fine, you do not use LVM and you have the fancy & nice encryption prompt.

This has everything to do with the /boot “partition”. As GRUB2-BLS has no /boot, there is nothing to encrypt. Kernels live in /boot/efi with BLS (just like systemd-boot).

  1. /boot/efi is never encrypted, as otherwise your BIOS/firmware can’t read what to load. And a standard guided installation won’t use LVM (as it defaults to BTRFS).
  2. What do you mean by correct? Tumbleweed is for now on GRUB2 for EFI, while Slowroll is defaulting to GRUB2-BLS.

And just as I said, there is no wrong or right (as you put it with GRUB2-EFI)

BTW: TPM has no play in there so no idea why you actually point that out. Yes you can interact with TPM during boot, but that is something you have to manually configure to do so.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
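
The thread's question of whether /boot is encrypted can be checked from the block-device tree rather than by eye. The following is an added example, not code from any poster or from openSUSE: it parses `lsblk -P -o KNAME,PKNAME,TYPE,MOUNTPOINTS` output and reports whether the filesystem holding a path sits on a `crypt` device. The sample table is constructed to match the layout described above (sda1 = /boot/efi, sda2 = encrypted LVM); the device names in it are assumptions.

```python
import shlex

# Constructed sample of `lsblk -P -o KNAME,PKNAME,TYPE,MOUNTPOINTS` for the
# layout in the thread. lsblk joins several mount points with the text \x0a.
SAMPLE = r'''
KNAME="sda" PKNAME="" TYPE="disk" MOUNTPOINTS=""
KNAME="sda1" PKNAME="sda" TYPE="part" MOUNTPOINTS="/boot/efi"
KNAME="sda2" PKNAME="sda" TYPE="part" MOUNTPOINTS=""
KNAME="dm-0" PKNAME="sda2" TYPE="crypt" MOUNTPOINTS=""
KNAME="dm-1" PKNAME="dm-0" TYPE="lvm" MOUNTPOINTS="/var\x0a/boot/grub2/x86_64-efi\x0a/"
KNAME="dm-2" PKNAME="dm-0" TYPE="lvm" MOUNTPOINTS="[SWAP]"
'''

def parse(text):
    """Return {kname: {"parent": ..., "type": ..., "mounts": [...]}}."""
    devs = {}
    for line in text.strip().splitlines():
        f = dict(tok.split("=", 1) for tok in shlex.split(line))
        mounts = f["MOUNTPOINTS"].replace("\\x0a", "\n").split("\n")
        devs[f["KNAME"]] = {"parent": f["PKNAME"], "type": f["TYPE"],
                            "mounts": [m for m in mounts if m]}
    return devs

def holder(devs, path):
    """Device whose mount point is the longest prefix of `path`."""
    best, best_len = None, -1
    for name, dev in devs.items():
        for m in dev["mounts"]:
            covers = m == "/" or path == m or path.startswith(m + "/")
            if covers and len(m) > best_len:
                best, best_len = name, len(m)
    return best

def is_encrypted(devs, path):
    """True if any device below the filesystem holding `path` is a crypt layer."""
    name, seen = holder(devs, path), set()
    if name is None:
        raise LookupError("no mounted filesystem covers " + path)
    while name in devs and name not in seen:
        seen.add(name)
        if devs[name]["type"] == "crypt":
            return True
        name = devs[name]["parent"]
    return False

if __name__ == "__main__":
    devs = parse(SAMPLE)
    for p in ("/boot", "/boot/grub2/x86_64-efi", "/boot/efi"):
        print(p, "->", "encrypted" if is_encrypted(devs, p) else "plain")
```

Because this table is identical for both bootloader choices, the result only separates the two setups once you know where the kernel and initrd are read from: /boot for GRUB2 for EFI, /boot/efi for GRUB2 with BLS, as described in the replies above.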