tl;dr anyone know how (both before and after install) one can setup more graceful retry (rather than falling into grub rescue when password is mistyped?
As reported here I frequently run into the following grub flow whenever I mistype my password:
Attempting to decrypt master key...
Enter passphrase for hd2,gpt2(...long-hex-string...):
error: access denied.
error: no such cryptodisk found.
error: disk 'cryptouuid/...long-hex-string...' not found.
Entering rescue mode...
grub rescue>
However, Manjaroās the first place Iāve seen this happen. All other distros Iāve installed (entirely via GUI - not doing anything too āadvancedā I donāt think - just always choosing encryption of my full disk): I encounter some sort of UX that allows me to try again rather than dropping me to a grub rescue> prompt. Is there a way to get this (nicer āretry UXā) behavior with Manjaro? Iām interested in both after-the-fact (Iāve already installed, now how do I get said behavior) and before-hand (Iām about to install, what do I do in the installation UI to ensure Iāll be configured with said retry behavior).
Also, Iād be happy to hear that others do not get this behavior for their disk-encrypted installs, in which case this means I just clicked the wrong thing at some point during my install (which at least gives me a lead)
With these other distros, did they create a separate /boot partition? or was the only thing non-encrypted your EFI system partition?
The prompt youāre seeing (to input your LUKS passphrase) is a rudimentary method from the EFI executable itself.
The former method of using full-disk encryption would leave a small separate non-encrypted/boot/ partition where the kernel and initramfs would live, which would be used to prompt for your LUKS passphrase to later unlock the root partition. (Failed passphrases would re-prompt you a few more times before aborting.)
A workaround for the moment, provided by the Arch Wiki:
I havenāt tried this yet myself, and Iām not sure if it works for all distros or versions of LUKS.
Furthermore, Iāve marked this answer as the solution to your question as it is by far the best answer youāll get.
However, if you disagree with my choice, please feel free to take any other answer as the solution to your question or even remove the solution altogether: You are in control! (If you disagree with my choice, just send me a personal message and explain why I shouldnāt have done this or or if you agree)
P.S. In the future, please donāt forget to come back to your question after your issue has been solved and click the 3 dots below the answer to mark a solution like this below the answer that helped you most:
so that the next person that has the exact same problem you just had will benefit from your post as well as your question will now be in the āsolvedā status.