First of all: THANKS. You´ve done a great job on OpenSUSE 11.2, guys. It´s huge! rotfl!
The only thing that buggs me right now is the startup. The bootup screen looks pretty and just a second later, OpenSUSE asks for the LUKS passphrase in bash. A small popup really would have done the job. If the Computer has an integrated/attached fingerprint reader, why couldn´t LUKS just use a fingerprint as verification? Is there some way to make things look pretty again?
Overall, I´m glad my whole drive is encrypted now. Everything feels much more secure.
I´d rather prefer to enter a password for LUKS within a popup window upon selecting the OS to boot at GRUB. Even then I don´t really understand why LUKS can´t be configured to use a fingerprint reader… It just looks and feels very unnatural booting like one second with the bootsplash and then suddenly hitting the bash for entering a pass. Don´t like that at all.
Yes, I agree there. You could try simply “home folder encryption”, you would have to use the normal login window, but then you would have a nice GUI login.
One drawback is that you have to set the size of your home folder (which is simply an encrypted file), the other being that for your system partition (if that is also encrypted) you will stiil of course have to enter a CLI password.
The thing is, you aren’t actually in a GUI until the x-server loads (the splash screen is really just a picture), and for an encrypted root filesystem, it has to be decrypted before it can start the x-server - QED!
Using a USB key would give you a nice smooth login, but don’t lose it ;).
Thanks for explaining. I simply won´t force the final destination of all my data by using a USB for key storage. I´m happy to have a completely encrypted drive now though.
Somehow I´m disappointed that LUKS does not prompt the user with a small little GUI for password input during startup. Hopefully that method will be changed in a future release of OpenSUSE (would be even better if that procedure would be changed with an update of 11.2).