I’ve recently installed Manjaro KDE on a new laptop of mine (Ideapad 5 14ARE05 with a Ryzen 4600U, 16GB RAM, 512 GB SSD).
As I’m going to use the laptop for occasional traveling, I want to keep my personal data safe in case of theft of loss.
Therefore, I would like to use full disk encryption and thus choose the respective setting during installation of Manjaro through the normal graphical installer from the live system.
What I did notice right at first boot was that the unlock prompt
- is rather, say, spartanic and more importantly
- it’s pretty slow to actually unlock and start the proper boot process.
I’m comparing to Linux Mint, which I had installed on my previous laptop with full disk encryption.
The old laptop had far less capable hardware (old i3 3110M), so I would exclude the possibility that my hardware is too slow.
In comparison, the old laptop would unlock much faster and finish the boot quicker. The unlock prompt was also using a graphical representation instead of a simple text console.
Reading around a little bit, it seems to me that the issue might be with grub2 not supporting some related hardware instruction sets and the way the installer is doing the full-disk encryption, including the /boot directory.
So, my question is - what is the best way to do disk encryption with Manjaro to have a good and reasonable balance between security and comfort?
Is this even doable with the graphical installer, or should I follow e.g. the advice found in this recent thread?
Are there ways to speed up the unlocking process after the installation is done or do I need to start over and do a fresh installation?
I’m not a dissident, investigative journalist, high-level business or government exec and thus probably don’t need to worry too much about obtaining ultimate security or third parties trying to hack my device to listen in to my communications.
Thank you for any suggestions!