Linux

48149 readers

597 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

[email protected]

Encrypted hard drive asking for password every time (lemy.lol)

submitted 8 months ago* (last edited 8 months ago) by [email protected] to c/[email protected]

116 comments fedilink hide all child comments

I recently switched to Linux (Zorin OS) and I selected "use ZFS and encrypt" during installation. Now before I can log in it asks me "please unlock disk keystore-rpool" and I have to type in the encryption password it before I'm able to get to the login screen.

Is there a way to do this automatically like with Windows or MacOS? Zorin has biometric login which is nice but this defeats the purpose especially because the encryption password is long and tedious to type in.

Also might TPM have anything to do with this?

EDIT: Based on the responses I have to assume some of you guys live in windowless underground bunkers sealed off with concrete because door locks "aren't secure against battering rams". Normal people don't need perfect encryption they just want to add an extra hurdle or two for the crackhead who steals the PC. I assumed Linux had a system similar to what Windows or MacOS has been doing for a decade but I am apparently wrong.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 8 months ago (2 children)

I think people are misunderstanding the whole point of drive encryption. It's so that if the drive is stolen or lost, you don't have to worry about it as much. I personally don't see any benefit in doing this if I have to enter a password every time I plug the damn thing in. If you're concerned about somebody stealing your laptop or desktop, the disk-encryption should be the least of your worries.

To the OC; if you happen to use GNOME, then check out the settings in the DISKS app. It has auto-unlock options in the per-drive settings. I long ago configured it so my USB is auto-unlocked upon being plugged in. Though after several system resets and such whatever I did to do that seems to no longer be visible in the GUI, I know that's how I set it up in the first place.

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago) (1 children)

To the OC; if you happen to use GNOME, then check out the settings in the DISKS app. It has auto-unlock options in the per-drive settings.

Thanks so much!

EDIT: This didn't work

[–] [email protected] 1 points 8 months ago

Is the setting missing? Or is the setting just not working properly? My laptop has the option greyed out and stuck in the "enabled" setting. I'm not sure how much help I'll be, but I can try?

[–] [email protected] 0 points 8 months ago (1 children)

They do understand the point. The problem is that if you use TPM to unlock on boot it is slightly self defeating. Now the attacker has access to your display manager or TTY. They can guess passwords, try to bypass the biometric checks, or find an exploit. But that does indicate a higher tech level that your average thief.

[–] [email protected] 5 points 8 months ago

I appreciate the concern but odds are if someone is stealing my PC its not going to be a 1337 hax0r. I am not keeping government docs on here I just don't want someone to be able to rip out the HDD and have easy access to everything.