Back to Releases

Forum / Releases / Discussion

Encryption Update — ISOs Refreshed

Follow the discussion below and jump in with a reply if the topic is open.

Replies
0
Views
103
Original Post
Post #894

We've been working through some issues with disk encryption in the installer and have them sorted out.

What was happening

A serialization mismatch between the UI and the installer backend meant the encryption type was never being read correctly, so LUKS was silently skipping setup entirely or incorrectly configuring encryption.

What's fixed

  • LUKS encryption now actually sets up correctly during installation
  • TPM2 auto-unlock works (tested in VM with swtpm and on real hardware)
  • The TPM2 option is now hidden on systems without a TPM device
  • Done page passphrase reminder only shows when you actually set up encryption
  • Secure Boot enrollment notice only shows if the key was enrolled during that specific install

Two encryption options are available

Option Description
Passphrase Standard LUKS2 software encryption. Works on any hardware, you enter your passphrase on every boot.
TPM2 auto-unlock Unlocks automatically on boot using your TPM chip, falls back to passphrase if TPM fails. Requires TPM2 + Secure Boot for full security.

If you previously installed with encryption enabled and it didn't seem to work — that's why. A fresh install will set it up correctly now.

Download

All Isos are avalible at https://rakuos.org/download

Reply to this discussion

You cannot edit posts or make replies: You should be logged in before you can post.