Since Debian 13 (Trixie), when using the default FDE which uses grub to decrypt the luks partition, I have a single attempt

When the password is mistyped there is a long pause (over 10 seconds) and then the error appears.

I already tried increasing the max tries, which seems to be set to 1 when a keyfile is used.

The config/script seems to be in /usr/share/initramfs-tools/scripts/local-top/cryptroot.

I copied that to /etc/initramfs-tools/scripts/local-top/cryptroot and replaced the value CRYPTTAB_OPTION_tries=1 with 10 using find/replace (ansible stuff).

I think this has no effect though and doing so (might be a different issue) breaks boot entirely 💀

More info:

  • by default when legacy boot (BIOS) is available, Debian will install grub to the MBR. This is where it happens
  • when forcing or prioritizing legacy boot and using GPT, debian somehow boots from a 300MB efi partition, the same happens though, one attempt
  • ferric_carcinization@lemmy.mlEnglish
    52·
    12 days ago

    But bootloaders are distro/OS agnostic. Why wait for Debian, when you could, for example, boot an Arch live ISO to install a newer GRUB?

    I don’t use GRUB, but have done the same thing with SystemD Boot before. As GRUB’s configuration system is a bit more complex, you might have to mount your main install to get the correct config file.

    • frongt@lemmy.zip
      41·
      12 days ago

      If you’re going to do that, get the grub debs from Debian sid, not a whole different distro.

      • ferric_carcinization@lemmy.mlEnglish
        41·
        12 days ago

        As it’s a bootloader, it should make almost no difference which distribution was used to install it. (I’m not sure if Debian patches their GRUB.) I just used Arch as an example, as it is famous for being up to date. And, no matter where it’s installed from, if you’ve made changes to GRUB’s configuration, you’ll have to copy it over to the live distribution to keep your changes.

        Yes, Debian Sid might be more familiar for Debian users, but that’s it.

        Edit: You said “get the grub debs from Debian sid”, but installing Sid packages on non-Sid systems isn’t something that you should do.

        • communism@lemmy.ml
          11·
          11 days ago

          Why install it from a package manager at that point? It’s probably more of a pain to get an Arch package working on Debian than it is to just build GRUB from source and install it according to whatever instructions GRUB distributes

          • ferric_carcinization@lemmy.mlEnglish
            3·
            11 days ago

            I meant the following:

            1. Find out the Debian package is too old
            2. Create Arch Live USB
            3. Boot Arch Live USB
            4. Copy GRUB config from the Debian install to the current Arch live system
            5. Install the up-to-date GRUB while in the Arch environment

            The bootloader installer package is distro dependent, the bootloader the package installs isn’t. You can boot Debian no matter if the GRUB is installed from Debian stable, Debian Sid, Arch, Fedora or even FreeBSD. Otherwise, dual booting wouldn’t work.

            Like I said, I’ve done that before, though with SystemD Boot instead of GRUB, which was a bit simpler due to how the bootloader is configured.