When I boot a system setup, the first thing that I see on the screen is:
Code:
Welcome to GRUB!
Attempting to decrypt master key…
Enter passphrase for hd0,gpt2 ():
I must enter the encryption key and if it is wrong I get a minimal grub shell.
If the password is correct I get the “normal” GRUB screen and after select the boot option I must enter a scent time my password and can final boot openSUSE.
OK, I understand that you do not want to enter a password when loading Grub. You want Grub to start and only after you then choose to boot one of the offered systems, and that particular system is encrypted you want to enter the password for that OS.
Just wait a bit, we have some people here that know a lot about encryption.
You presumably have an encrypted root file system, and “/boot” is part of that encrypted file system.
So grub2 needs the password before it can load the boot menu. There are ways to avoid the second password prompt, but not the first one.
To avoid the first password prompt, you would need a separate unencrypted “/boot”. This is not recommended if you are using “btrfs” for the root file system.
Did not think it worked in other file systems. Just because it is installed does not mean it functions. In any case having a separate boot partition cuts you off from snapper at boot so no selecting snapshots from grub.
For TW snapper in my opinion is a requirement since rollbacks can occur fairly often. For leap not so many broken updates so little or no need for rollbacks.
I just wanted to agree, but then “man snapper says this:”
**DESCRIPTION**
Snapper is a command-line program for filesystem snapshot management. It can create, delete and compare snapshots and undo changes done between snapshots.
Snapper never modifies the content of snapshots. Thus snapper creates read-only snapshots if supported by the kernel. Supported filesystems are btrfs **and ext4 **as well as snapshots of LVM logical volumes
with thin-provisioning. Some filesystems might not be supported depending on your installation.