Worth adjusting the other options too (not just memory) or it takes a really long time to unlock (30seconds). Wondering whether encryption is even useful at all for my use case...
I think I'll disable encryption as suspend/hibernate leaves persistence drive unlocked with a console also unlocked with live user auto-logged-in with capability to sudo to root without password, too much suggestion of security without actually providing any at all in that scenario...
here is a table of kernel boot parameters for (un)encrypted persistence vs partition encryption:
kernel 🔐 partition 🔐 -> prompts for unlock password, if password ok uses encrypted persistence partition no issues, otherwise it boots without persistence (RAM overlay only)
kernel 🔐 partition 🔓 -> ignores unencrypted partition completely, boots without persistence (RAM overlay only)
kernel 🔓 partition 🔐 -> ignores encrypted partition completely, boots without persistence (RAM overlay only)
kernel 🔓 partition 🔓 -> automatically uses persistence partition, no issues
changing kernel boot parameters requires either manual keyboarding on each boot, or recreating the hybrid ISO and reflashing the USB key. neither area fun.
Welcome to post.lurk.org, an instance for discussions around cultural freedom, experimental, new media art, net and computational culture, and things like that.