Full disk encryption: How to enable multiple password attempts in Grub
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Full disk encryption: How to enable multiple password attempts in Grub
I am using full-disk encryption pretty much set up like described in this guide.
I works nicely except for the fact that I am bad at typing passwords. So occasionally I am typing it wrong and grub drops me to a rescue shell.
I then hit ctrl-alt-del to reboot, which feels unclean and is a bit annoying as it takes a couple of seconds. So I was wondering if there was a cleaner way, such as configuring grub to allow multiple attempts or something similar.
Obviously a minor issue, but if anyone knows a little trick please share it.
I don't know how it could be done, although it may be possible to construct a script to add to /etc/grub.d/40_custom that would work.
As an alternative, grub can remember the last entry you booted from and use it as the default for the next boot. If you are interested, I found instructions at the Arch Wiki . Scroll down to Section 10.2 for the additions to make to the grub config to save and use the default password.
Don't forget to run update-grub as root for the changes to take effect.
I don't know how it could be done, although it may be possible to construct a script to add to /etc/grub.d/40_custom that would work.
Don't think I understand the suggestion. At the time that I am typing the wrong password scripts in this directory would not be decrypted yet, so how would any changes in /etc change anything? I am probably missing something, can you elaborate a bit more?
Quote:
Originally Posted by bigrigdriver
As an alternative, grub can remember the last entry you booted from and use it as the default for the next boot. If you are interested, I found instructions at the Arch Wiki . Scroll down to Section 10.2 for the additions to make to the grub config to save and use the default password.
Don't forget to run update-grub as root for the changes to take effect.
I have to type my luks password before the grub menu even shows.
The boot directory is part of the encrypted partition. So the boot entry is only chosen after I have typed the correct password. In fact I only have one system on this computer anyhow, and have the timeout set to zero. So I don't even get to see the grub menu anyways...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
