Hello,
> Christine Lemmer-Webber <[email protected]> writes: > >> - It's painful with full disk encryption even then, because you have to >> type your passphrase twice. > > This is not the case for quite some time now. Sure, it requires some > configuration, but it can be done. For all my machines I am typing my > passphrase just once. Sure, it is the first one, so it takes *long* > time, though since it is just one passphrase, I usually just make a > coffee or something while waiting. I just performed a Guix System 1.5.0 installation with full-disk encryption in a VM. On the installed system, the password needs to be typed twice: in GRUB and in the initramfs. Maybe for the next release, we should aim for an installer that creates a configuration where only one password input is necessary. The extra-initrd proposal feels a bit hacky to be the one proposed by the installer. Two alternatives come to my mind: 1. Make sure that all the kernels/initramfs of the live generations have a copy in /boot. 2. Have the store in a dedicated, unencrypted partition. Any other alternatives :) ? Thanks, Mathieu
