From: Oleksandr Natalenko
To: Hansjoerg Lipp
Cc: linux-kernel@vger.kernel.org
Subject: Re: [RFC] Passing luks passphrase from grub to systemd
Date: Mon, 16 Apr 2018 00:25:22 +0200
Message-ID: <2907407.5HaPOCmciK@natalenko.name>

Hi.

> as I'm stuck with a (non-EFI x86_64) system with encrypted root
> partition, I have to enter the passphrase twice (grub needs it for
> getting the kernel etc., systemd needs it for mounting the root
> partition). This can be quite inconvenient, especially if the passphrase
> is long and contains special characters, and grub assumes a different
> keyboard layout.

Just fill another LUKS slot with a randomly generated key file and add that
file to your initramfs (which already resides on encrypted /boot, right?).

If your distro cannot do that, you should probably be fixing things there, not
adding ugly hacks to the kernel.

Check how it is implemented in Arch, for instance [1]. I'm not sure whether
this is currently possible with openSUSE, though.

Regards,
  Oleksandr

[1] https://klmlinks.wordpress.com/2016/03/
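
The key-file approach described in the reply above, as an added example that is not part of the original message or of any distribution's tooling. It assumes an Arch-style mkinitcpio setup with the `encrypt` hook and its default key path `/crypto_keyfile.bin`; the device argument and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original message). Assumptions: Linux with GNU
# stat, cryptsetup, and an Arch-style mkinitcpio setup using the "encrypt" hook.

# make_keyfile PATH [BYTES]: write random key material readable by owner only.
make_keyfile() {
    ( umask 077 && head -c "${2:-2048}" /dev/urandom > "$1" )
    chmod 400 "$1"
}

# is_private PATH: succeed only if group and others have no permission bits.
is_private() {
    mode=$(stat -c '%a' "$1")
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# audit_private FILE...: report files that are too permissive; non-zero if any.
audit_private() {
    bad=0
    for f in "$@"; do
        is_private "$f" || { echo "too permissive: $f" >&2; bad=1; }
    done
    return "$bad"
}

# Usage (as root): sh luks-keyfile.sh enroll /dev/sdXN [/crypto_keyfile.bin]
# /dev/sdXN is a placeholder for the LUKS partition.
if [ "${1:-}" = "enroll" ]; then
    set -e
    dev=$2
    key=${3:-/crypto_keyfile.bin}   # default key path of the encrypt hook
    make_keyfile "$key"
    cryptsetup luksAddKey "$dev" "$key"   # prompts for an existing passphrase
    # Before rebuilding, /etc/mkinitcpio.conf must contain:
    #   FILES=(/crypto_keyfile.bin)
    mkinitcpio -P
    # The images now embed the key: keep them unreadable to non-root users.
    chmod 600 /boot/initramfs-linux*
    audit_private "$key" /boot/initramfs-linux*
fi
```

The passphrase stays enrolled in its own slot, so GRUB still prompts once; the key file only protects the root volume as long as /boot itself is encrypted and the initramfs images stay mode 600.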