Is there some way I can unlock my btrfs encrypted disk using a graphical unlocking screen.

Basically I was setting up an On-screen keyboard so that I can use my PC in case I do not have a keyboard available. Only problem in setup is that I can’t find anyway to use on-screen keyboard on that screen on which we enter password to decrypt disk.

Help please

  • Björn Tantau@swg-empire.de
    link
    fedilink
    arrow-up
    5
    ·
    7 months ago

    tldr: Use systemd-boot instead of grub to boot. And then unl0kr to give you an on-screen keyboard.

    A little more technical:

    Are you intending to use unl0kr for decryption? I used that on my Steam Deck. Whatever you use, it cannot use your normal graphical login. It has to be packed into the kernel’s initrd because when you want to decrypt your drive nothing else is available. I used unl0kr.

    You cannot use grub unless you have /boot on an unencrypted partition. Because grub has its own decryption process which is very minimal. It does not have access to the kernel (which leaves you without any hardware acceleration for the decryption, making it very slow.

    Systemd-boot works by putting the kernel and initrd on the unencrypted EFI partition on /boot/efi.

    So you can either use grub with an unencrypted /boot or systemd-boot with everything copied onto EFI. Whatever you use, try to get to a state where you’re greeted with a slightly more pleasing passphrase entry, maybe on a plymouth bootscreen, instead of grub’s own ugly entry screen.

    When you have come so far you can try to get unl0kr to work.

    I don’t have the energy to type more but hopefully this can steer you in the right direction. Your actual login manager or desktop environment don’t factor into this at all.

    If you do want to only see the login prompt from your login manager you have to store the decryption key in TPM. No idea how that is set up but automatic decryption without typing in a passphrase sounds iffy to me.