Thanks to the hint of arvidjaar I did some more tests and it seems that it has nothing to do with the /boot partition (no matter if un- or encrypted).
So, if you want to change Tumbleweed from the poor default encryption prompt to the nice and fancy encryption prompt, then you can choose
Solution 1:
- do a standard guided installation & partition process and this auto process will lead to a sda divided in two parts
a. sda1 not encrypted (/boot/efi)
b. sda2 encrypted lvm (with subvolumes: system-root [/boot /var /usr /root /home , etc] and system-swap) - the Tumbleweed installation process does NOT select the correct boot loader automatically, so at the very end of the installation set-up you need to change the boot loader from “GRUB2 for EFI” to “GRUB2 with BLS” (with “Secure Boot Support” and “Update NVRAM”, MBR flag = remove)
That’s it. It works all fine and you have the fancy & nice encryption prompt.
Solution 2 (if you do not like LVM):
- within your installation process of Tumbleweed choose to manually partition your disc. Go to “Expert Partitioning”.
- follow the instructions here. Be aware that you should remove the /boot partitions manually and notice that LVM is not needed anymore.
- the Tumbleweed installation process does NOT select the correct boot loader automatically, so at the very end of the installation set-up you need to change the boot loader from “GRUB2 for EFI” to “GRUB2 with BLS” (with “Secure Boot Support” and “Update NVRAM”, MBR flag = remove)
That’s it (and it works also without a TPM). It’s all fine, you do not use LVM and you have the fancy & nice encryption prompt.