Re: systemd-boot not asking password, not resuming from hibernate
On Sat 06 Jan 2024 at 20:04:57 (+0100), Richard Rosner wrote:
> I just tried out systemd-boot. What I noticed, it doesn't ask for my
> decryption password to decrypt both my LUKS2 encrypted root and swap
> partition. This kinda defeats the purpose of encrypted drives. How do
> I have systemd-boot forget and never again remember my credentials?
I'm assuming that when you boot, you do get /one/ prompt for your
passphrase, and not zero. If it doesn't ask /again/ after that,
then I'd guess that it's storing something somewhere.
In the little I've read about this, I've come across a scheme where
Grub writes an initrd file in memory and appends it to your main
initrd(s) so that the kernel can read it later.
> For the installation, I just installed systemd-boot. Afterward I had
> to uncomment the timeout option in /boot/efi/loader/loader.conf so I
> would get the selection screen, but I didn't make any other
> modifications. So what exactly is missing?
>
> Adding to that, resume from hibernate doesn't seem to work. Resume is
> included in the options line in the /boot/efi/loader/entries files,
> it's also enabled in initramfs-tools, yet after powering on after
> hibernating, I'm not greeted with where I left off.
I don't use hibernation. I close down desktops because I can remotely
boot them, and I leave laptops running as they consume trivial power.
> PS: by any chance does anybody know if systemd-boot supports Argon2
> KDF for LUKS2? I only know that Grub2 doesn't (yet), but it's
> difficult to find the specific documentation on systemd-boot.
You probably need to follow appropriate lists if you want to stay
up to date.
Cheers,
David.
Reply to: