before learning all the new tools like Linux distros, vpns, compartmentalization, offline storage, security…etc.

You better start controlling the apps/services you are using NOW !

Youtube, Gmail, Facebook, X, Maps…etc. all has shit tons of data about you. Limit what they can use. Dont give your info out easily (main email account).

yeh and if i remember correct, there are no options in Samsunf Keyboard to control the clipboard history length. It still remembers what you copied 3 weeks ago…

My recommendation is to use another keyboard. SimpleKeyboard, FlorisBoard…etc.

Fedora then? Just choose the default Workstation. Easy to setup. Easy to do stuff too.

arch linux was what forced me to use LUKS on all of my installs regardless of distros, btw.

i used the standard layout:/boot, /, /home, swap. So when the installs break, the best way to fix is to use the archiso and remount and re arch-chroot.

Well… i found out that without LUKS, anybody can use any distros live cd and mount my stuff.

At first, I used LUKs only on the main partitions: so / and /home, or just / if no separate /home. Swap remains unencrypted. Boot is also unencrypted.

You could encrypt those too but need more work and hackery stuff:

• encrypted boot: can be slow if you boot the compututer from cold. There’s also this thing where you need to enter the password twice => think Fedora has an article to get around this. Iirc, it involves storing the boot’s encrypted password as a key deep within the root directory.

• encrypted swap: the tricky thing is to use this with hibernation. I managed to get it to work once but with Zram stuff, I dont use hibernation anymore. It involved writing the correct arguments in the /boot/grub/grub.cfg. Basically tells the bootloader to hibernate and resume from hibernation with the correct UUID.

could just replace it, no? Unless your keyboard is weird, the size of window key is pretty standard right?

i’d recommend trying things out first. You are still in the beginning phrase, so try different distros. When you do, look for stuff like

• forum support. Is it popular ? Ubuntu Studio may not be as popular as vanilla Ubuntu and even when theyre from the same family, you can expect minor differences.

• i know this is not Windows. But say your OS is corrupted, how fast and easy it is for you to reinstall?

Example: Pop OS has a dedicated partition to reinstall the OS right in the grub menu - you dont need a separate USB drive for this. On the other hand, Archlinux requires you to mount the partitions correctly (yout home, root…etc), then you can go and fix your systems.

• do you like how the package manager work? I dont like Ubuntu because it has these different sources that can get convoluted. Arch’s AUR can be very messy. Fedora for me is the way because I like DNF. Plus, its syntax is easy to remember.

wait you dont actually need to know French or Danish? How’s the local perception of English speaking foreigners, i.e. is it offensive to respond in English if the waiters/locals ask in French?

Tbh the language barrier is 1 of the reasons holding me back. Havent tried for positions in France and Denmark yet, but for the ones I looked in Germany and Spain, you need to know German or Spanish. Even the job ads are in German/Spanish…

That shortcut to switch between different virtual consoles is very useful. If somehow your desktop crashes, this can be used to login and fix.

Yeh I started with Fedora 41 on i3 and then did the upgrade to 42. Maybe there are issues during the upgrades? Idk

I just wiped my drive and reinstalled 42 because the issue is so annoying - you cant do shit unless you logout and log back in.

I tried Fedora KDE 42 - very nice but it hang on bootup (30 seconds after login) and randomly on suspend.

Guess I’ll just stick with the official Gnome - Fedora Workstation.

i see, so the file names are: autostart_blocking.sh and autostart.sh

I dont need to create a weird file name like: autostart.sh &

But, whichever command I put in autostart.sh will run as if I run in terminal with the & sign. E.g: dunst & to run in the background.

Well thanks everyone. I finally managed to get it to work on Arch. System has separate encrypted root and swap in LVM, and a separate encrypted home. It can suspend and hibernate. Below are my steps

DISK PREP

• partition the main drive for your swap and root first. For me, it is a boot partition + an EFI + a LUKS container with LVM on top. Create your volumes. I use Arch, so format and mount them appropriately before pacstrap. Leave out mount point for /home.

• Go to your other drive, follow: https://www.cyberciti.biz/hardware/cryptsetup-add-enable-luks-disk-encryption-keyfile-linux/

to create a LUKS container that is encrypted with: a keyfile and a password. Test both to make sure you can open the locked drive. Format and mount it at /mnt/home or where you want the /home to be.

• Pacstrap and then genfstab.
  Important: Make sure to copy the keyfile from your archiso environment to your chroot environment aka your system. Otherwise, when reboot, the keyfile is gone. I put it in /root and set permission so only root can read.

AUTOMATIC UNLOCK

• First, fstab. When you do genfstab, things should be fine. But just double check the UUID is correct for /home. Note in fstab, the UUID is the unlocked one: so the one with /dev/mapper/home. Change to noatime if you desire.

• Second, crypttab. Assume you decrypt your LUKS home as “home”. Add this:

home uuid of the unencrypted home drive location of the keyfile luks

The link above said to just use /dev/sda, but imo UUID is safer if you have a removable drive.

• Third, grub. Edit your /etc/default/grub and append the following to GRUB_CMD_LINUX:

“rd.luks.uuid=UUID of the locked luks home drive”

FOR HIBERNATION

For some reasons, hibernation doesnt work out of the box. It works when I have everything in 1 drive, i.e 1 boot, 1 efi, 1 lvm on luks for /home, swap and /. The fix is simple:

• add “resume” to /etc/mkinitcpio.conf. Add before “filesystems” . Rebuild your initramfs with mkinitcpio -P.

• add to /etc/default/grub: “resume= uuid of the unlocked swap partition”. Or if you do LVM, just use “resume=/dev/vg/swap”.

Special thanks to bodaciousFern@lemmy.dbzer0.com and Lemmchen@feddit.org for giving me correct ideas about “rd.luks.uuid” and that LUKS can do both pass and keyfile.

I have Fedora on my work laptop and vanilla Arch on my tinkering laptop.

I think instead of thinking about “set it and forget it”, you might want to think about “if shit happens, how fast can I fix it?”. That is because stuff break or there are bugs . If you use a very old and LTS distro, you might be comfortable but there might be bugs that do not get fixed until much later. Eg: Debian’s kernel used to be able to suspend-then-hibernate, then they jump to one that cannot. So if you want that feature back, you need to wait… until Debian catches up with mainline’s fixes.

So if you only use your computer for web, email, movie. Then any distro will work.

Now, imo there are 2 types of problems in Linux:

1. Boot/GRUB/partition problems: this can happen if you’re dual boot, or a config goes wrong. To fix, usually you need to boot a live cd.

Pop OS would be #1 choice just because it has a “Recovery Partition” with live environment. You can reinstall the entire OS while you’re on the plane, without wifi or any USB.

Arch would be #2 here, just because the arch iso is so good. It is minimal and has all the tools you need to fix stuff: partitions, wifi…etc. Plus, it boots in tty so it is faster for fixing.

2. Problems with library mismatch: for this you want one with good snapshots built in. So OpenSUSE or if you know how to configure btrfs, maybe Fedora. I would still go Pop OS here, so you can configure btrfs AND get the recovery from point 1) above. Linux Mint would be #2 choice because they have timeshift built in.

So the TLDR for you is: pick Pop OS for the recovery partition. Also, use btrfs. Lastly, configure your disk nicely, i.e. dont do any crazy LVM encryption, just use standard layout so when comes the time to fix, it is easier.

hmm thanks i’m gonna try that script you linked in artix wiki. Havent seen that one before so its worth a shot. What I usually see is some systemd Unit scripts. Gtlock looks neat as well, does swaylock give you problems too?

The only robust and no BS lock combo so far, imo, is Regolith i3wm.

For some reasons and whatever black magic eas used, this Frankenstein combo of i3 and GNOME work every single time. The downside is their configs are soooo messy. It is very hard to use whatever you have in vanilla i3 for Regolith.

funny how with sooooo many updates, Windows are still very vulnerable. You buy a Windows PC, you better equip Antivirus software too; it is like bread and butter. On Linux and also Mac, you never need to worry about these things.