From memory yes but the contents of your home directory are inaccessible until you enter your password via a popup. For whole drive encryption probably not.
I had configured this manually (incorrectly) in Arch a while back to have my home dir be on a separate encrypted drive.
Turns out the main drive didn’t get the memo and still had a home folder which worked fine, I thought it was working so I promptly forgot about it.
Meanwhile the encrypted drive (which had only ever been unlocked that day and never again) had maybe 10 files on it that I didn’t even know it had until I swapped the drive into a different PC.
The password for the hard drive encryption and the system login are two separate things, so, yes, this combination is easily possible. You’ll have to input a password for system bootup, but not for logging in.
How advisable that combination is is another question entirely.
Mine autodecrypts with a hardcoded password in a text file. I don’t really care about encryption right now, but the minute I do, it’s one file delete away.
By default, you never have to enter your BitLocker passphrase, since there’s usually no passphrase in the first place. The default configuration unlocks the drive automatically as long as it’s on the same network it was set up with. Otherwise you need the recovery key. You can also manually enable an unlock method, though on modern PCs there’s usually only PIN available.
On Linux, in theory you can have the exact same setup and nothing’s stopping you. However, depending on the distro it may or may not be easily configured. You can fairly easily set up automatic drive unlock with TPM, which essentially gives you a similar experience to the default BitLocker.
Is there any OS that allows this config?
At least with Linux, if I encrypt my hard drive, I have to enter my encryption password on every login, for some even during boot.
Not sure about Windows. I wpuldn’t be surprised if you can have bitdefender on with auto login.
From memory yes but the contents of your home directory are inaccessible until you enter your password via a popup. For whole drive encryption probably not.
I had configured this manually (incorrectly) in Arch a while back to have my home dir be on a separate encrypted drive.
Turns out the main drive didn’t get the memo and still had a home folder which worked fine, I thought it was working so I promptly forgot about it. Meanwhile the encrypted drive (which had only ever been unlocked that day and never again) had maybe 10 files on it that I didn’t even know it had until I swapped the drive into a different PC.
The password for the hard drive encryption and the system login are two separate things, so, yes, this combination is easily possible. You’ll have to input a password for system bootup, but not for logging in.
How advisable that combination is is another question entirely.
Can do full disk encryption of root and auto-unlock with tpm, the auto-login is a separate thing and not necessarily the same password
You can have FDE binded to the TMP and then inside that encrypted volume an encrypted home.
By doing that you only need to input your login password and get better security than the meme setup and other suggestions.
You would need, iirc (I am typing this from memory):
systemd-cryptenrollI know the steps but for NixOS only lmao.
You could configure the TPM to effectively store the LUKS key. User login is skippable. So yes, should be possible.
Mine autodecrypts with a hardcoded password in a text file. I don’t really care about encryption right now, but the minute I do, it’s one file delete away.
By default, you never have to enter your BitLocker passphrase, since there’s usually no passphrase in the first place. The default configuration unlocks the drive automatically as long as it’s on the same network it was set up with. Otherwise you need the recovery key. You can also manually enable an unlock method, though on modern PCs there’s usually only PIN available.
On Linux, in theory you can have the exact same setup and nothing’s stopping you. However, depending on the distro it may or may not be easily configured. You can fairly easily set up automatic drive unlock with TPM, which essentially gives you a similar experience to the default BitLocker.