Yeah it’s alright. I’ve been using Tumbleweed on my Desktop PC for the last few months and I gotta say it’s mid. They do hard drive unlocking in Grub instead of in the initfs which means that only LUKS 1 and with that only the not-so-secure PDKDF is supported, instead of argon2id which is the modern KDF you want to use. This is a small and annoying oversight in the distros security which is why I will not be using it in the future
You can fix this by manually placing the /boot partition outside of luks when you do your install. I did it and now my opensuse system boots in a reasonable time. Annoying to do but 100% worth it.
Luckily most installers support installing wherever you tell them to. So if you install from a live image you should be able to set it up the way you want. I’ll definitely try that as soon as a I do my next installation.
Yeah it’s alright. I’ve been using Tumbleweed on my Desktop PC for the last few months and I gotta say it’s mid. They do hard drive unlocking in Grub instead of in the initfs which means that only LUKS 1 and with that only the not-so-secure PDKDF is supported, instead of argon2id which is the modern KDF you want to use. This is a small and annoying oversight in the distros security which is why I will not be using it in the future
You can fix this by manually placing the /boot partition outside of luks when you do your install. I did it and now my opensuse system boots in a reasonable time. Annoying to do but 100% worth it.
Luckily most installers support installing wherever you tell them to. So if you install from a live image you should be able to set it up the way you want. I’ll definitely try that as soon as a I do my next installation.