I am completely new to this. I searched the forum and found some advice that did not work for me.
- One SSD (NVMe, M.2, 1 TB) with Windows 10
- Another SSD (not NVMe, SATA, 128 GB) designated for Manjaro (18.0.4 KDE)
What I want:
Encrypt everything on the "Manjaro SSD" (with LUKS), except for the boot partition, so that GRUB does not ask me for a password to enter the boot selection menu, but when I chose to boot Manjaro, it does ask for a password to decrypt root (and everything).
I followed this guide to partition my designated Manjaro disk.
During installation of Manjaro I selected the encrypt option for both the swap and the root partitions (using the same password).
Then I installed Manjaro.
Upon restart, GRUB asks for the password before I can chose what to boot (this is not what I intended) and then it again asks for the (same) password when I chose to boot Manjaro (this is fine/desired).
Side note: Windows boot works fine.
Why I don't want this first password prompt should be obvious. It is quite inconvenient when I just want to pick Windows to boot and frankly unnecessary (as far as I understand) for my encrypted Manjaro, if root is encrypted anyway.
Now, I tried this solution here and commented out GRUB_ENABLE_CRYPTODISK=y from /etc/default/grub, then did sudo update-grub, but to no effect. I still get prompted before I can enter the GRUB bootloader. The only perceived difference is the look of the boot selection menu, which is now less "graphical"...
What am I missing? How can I get rid of this first password prompt?
I apologize if I missed an exisiting solution to this exact problem and am thankful for a reference.