How to create root and home with encryption in the installer and enter one password?

angel2035 · 25 November 2025 10:05

Hello everyone, I would like to install manjaro using an encrypted installer but with partitions separated into root and home. If I encrypt 2 separate directories, I have to enter the password twice.
I do this

Create a fat32 with the boot/efi flag
I create root, for example 200 GB with encryption
Create home and the rest of the space with encryption
As a result, I enter the password 2 times
How can I make it in the installer so that I can have two directories and enter the password once? Thank you

soundofthunder · 25 November 2025 11:18

There was a discussion about something similar to this within the past week. If you use the forum search you might be able to find it.

There are also other topics that might be helpful:

50+ results for: password twice

Regards.

linux-aarhus · 25 November 2025 14:01

Looking at the documentation
https://codeberg.org/Calamares/calamares/src/branch/calamares/src/modules/partition/partition.conf

It appears fairly easy to configure the auto installation to do achieve the goal.

Before starting Calamares installer, open a terminal and edit the file - append the snippet below - values were taken from your example, but I recommend adapting for your purpose.

/etc/calamares/modules/partition.conf


# added partition layout
partitionLayout:
    - name: "rootfs"
      mountPoint: "/"
      size: 200GiB
    - name: "home"
      mountPoint: "/home"
      size: 100%

Save the file and start the installer…

I have not verified - you should only be required to enter a passphrase once - at the auto partition screen.

angel2035 · 25 November 2025 20:28

Thanks, the post helped me. I saw that if you encrypt the swap space, the password is requested twice. I took a virtual machine and set everything up as described above, but without allocating swap space, everything ends up being decrypted with a single password. I just use the swap file.

So, let’s put it like this

1. boot

2. root with encryption

3. Home with encryption
4. Create a swap file after installing the system.

We get decryption with one password request; it’s convenient and a lot of fun.

dmt · 25 November 2025 20:52

You can use /etc/crypttab to unlock it using a keyfile. Of course it’s best to store the keyfile in an encrypted filesystem which is unlocked by a password (eg. /).

In fact if you don’t need hibernate then for swap you can just use a new random password each time.

system · 28 November 2025 20:53

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.