Full disk encryption, password prompt to decrypt and battery usage

callegar · 13 September 2023 07:21

Hi,

I have just installed a laptop with full disk encryption and I am experiencing the following situation.

While through the boot process or in the firmware setup the laptop appears to operate at full power. For instance, if you stay in the firmware configuration window, it rapidly becomes quite hot and the fans start spinning at max speed. As soon as linux is booted the power consumption goes down sensibly, the laptop cools down and the fans stop.

This would not be a problem if the system could always do a fast boot.

Unfortunately, with full disk encryption, before the boot the system must ask for a password. If you are not fast entering the password (e.g., you are called elsewhere for some minutes during the reboot), the laptop remains at full power (that I believe can be > 70W on this gaming machine). In a few minutes the laptop becomes quite hot and the battery is similarly rapidly drained.

Is there any way to set a timeout for the decrypt password prompt so that if the password is not entered before the timeout the laptop switches off to avoid overheating and destroying the battery?

mithrial · 13 September 2023 09:02

If you’re using full-disk encryption, the kernel itself with all its drivers and device management systems is not available at time of decryption: Only a bare minimal grub environment which can decrypt your boot partition and load the kernel.

I don’t think there is a nice solution for this.
You could encrypt only your root partition and leave boot unencrypted, however, this might violate your attack scenario.

system · 15 September 2023 23:03

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.