Skip to main content
We’ve updated our Terms of Service. A new AI Addendum clarifies how Stack Overflow utilizes AI interactions.
Server Fault

Return to Question

replaced http://unix.stackexchange.com/ with https://unix.stackexchange.com/
Source Link
Community Bot
Community Bot
  • 1

I have a Debian 8 VPS with an encrypted root partition. After a kernel update a few months ago (package version 3.2.73-2+deb7u3), it stopped being able to decrypt properly on boot. As far as I can tell, the initramfs wasn't loading the crypt libraries, and so didn't know what to do.

I found this answer, but that didn't solve the issues, no matter what UUID we tried. http://unix.stackexchange.com/questions/107810/why-my-encrypted-lvm-volume-luks-device-wont-mount-at-boot-timehttps://unix.stackexchange.com/questions/107810/why-my-encrypted-lvm-volume-luks-device-wont-mount-at-boot-time

Our current kludge that enables us to boot with errors is creating a cryptroot file in /etc/initramfs-tools/conf.d/cryptroot with contents

CRYPTOPTS=target=root,source=/dev/vda5,lvm=cloud--vg-root

and an /etc/crypttab with contents

# <target name> <source device> <key file> <option> crypt-vda5 /dev/vda5 none luks

During boot it asks for the password and mounts vg-root, and then it asks us for the password again and complains that the partition is already mounted, and throws a bunch of errors that I have to hit esc repeatedly to get past. If we remove either one of those files or change them, it doesn't prompt for password on boot, and thus mounting root fails.

Any ideas how to remove the kludge and fix this for good?

thanks!

I have a Debian 8 VPS with an encrypted root partition. After a kernel update a few months ago (package version 3.2.73-2+deb7u3), it stopped being able to decrypt properly on boot. As far as I can tell, the initramfs wasn't loading the crypt libraries, and so didn't know what to do.

I found this answer, but that didn't solve the issues, no matter what UUID we tried. http://unix.stackexchange.com/questions/107810/why-my-encrypted-lvm-volume-luks-device-wont-mount-at-boot-time

Our current kludge that enables us to boot with errors is creating a cryptroot file in /etc/initramfs-tools/conf.d/cryptroot with contents

CRYPTOPTS=target=root,source=/dev/vda5,lvm=cloud--vg-root

and an /etc/crypttab with contents

# <target name> <source device> <key file> <option> crypt-vda5 /dev/vda5 none luks

During boot it asks for the password and mounts vg-root, and then it asks us for the password again and complains that the partition is already mounted, and throws a bunch of errors that I have to hit esc repeatedly to get past. If we remove either one of those files or change them, it doesn't prompt for password on boot, and thus mounting root fails.

Any ideas how to remove the kludge and fix this for good?

thanks!

I have a Debian 8 VPS with an encrypted root partition. After a kernel update a few months ago (package version 3.2.73-2+deb7u3), it stopped being able to decrypt properly on boot. As far as I can tell, the initramfs wasn't loading the crypt libraries, and so didn't know what to do.

I found this answer, but that didn't solve the issues, no matter what UUID we tried. https://unix.stackexchange.com/questions/107810/why-my-encrypted-lvm-volume-luks-device-wont-mount-at-boot-time

Our current kludge that enables us to boot with errors is creating a cryptroot file in /etc/initramfs-tools/conf.d/cryptroot with contents

CRYPTOPTS=target=root,source=/dev/vda5,lvm=cloud--vg-root

and an /etc/crypttab with contents

# <target name> <source device> <key file> <option> crypt-vda5 /dev/vda5 none luks

During boot it asks for the password and mounts vg-root, and then it asks us for the password again and complains that the partition is already mounted, and throws a bunch of errors that I have to hit esc repeatedly to get past. If we remove either one of those files or change them, it doesn't prompt for password on boot, and thus mounting root fails.

Any ideas how to remove the kludge and fix this for good?

thanks!

Source Link
mxroo
mxroo
  • 41
  • 5

Encrypted root partition not booting properly

I have a Debian 8 VPS with an encrypted root partition. After a kernel update a few months ago (package version 3.2.73-2+deb7u3), it stopped being able to decrypt properly on boot. As far as I can tell, the initramfs wasn't loading the crypt libraries, and so didn't know what to do.

I found this answer, but that didn't solve the issues, no matter what UUID we tried. http://unix.stackexchange.com/questions/107810/why-my-encrypted-lvm-volume-luks-device-wont-mount-at-boot-time

Our current kludge that enables us to boot with errors is creating a cryptroot file in /etc/initramfs-tools/conf.d/cryptroot with contents

CRYPTOPTS=target=root,source=/dev/vda5,lvm=cloud--vg-root

and an /etc/crypttab with contents

# <target name> <source device> <key file> <option> crypt-vda5 /dev/vda5 none luks

During boot it asks for the password and mounts vg-root, and then it asks us for the password again and complains that the partition is already mounted, and throws a bunch of errors that I have to hit esc repeatedly to get past. If we remove either one of those files or change them, it doesn't prompt for password on boot, and thus mounting root fails.

Any ideas how to remove the kludge and fix this for good?

thanks!