On 05/23/2018 12:36 AM, Diagonal Arg wrote: > On 05/22/2018 05:06 AM, 21na...@gmail.com wrote: >> Le 16/05/2018 à 08:05, Diagonal Arg a écrit : >>> On my first tries with the Debian installer, I am struggling with the >>> limited resources for installing to encrypted disks. I am using the >>> same technique I have used with Ubuntu, but failing at the last step: >>> >>> I create my luks disk(s) before-hand, then run the installer. I find >>> I have to anna-install cryptsetup-udeb, as there is no such choice in >>> "Load Installer Modules". Dropping to a shell, opening the disk, and >>> re-detecting hard drives allows me to carry out the installation (as >>> long as there's a filesystem in the mapped device), but on reboot I'm >>> at an initramfs without cryptsetup. So I use a debian-live to pivot >>> into the system to create a crypttab. I find I also have to install >>> cryptsetup. Then I run update-initramfs. Here is where I'm stuck. >>> The new initramfs still does not include cryptsetup. Why is it not >>> recognizing the crypttab? >>> >>> I have tried other approaches eg, during installation doing adding an >>> apt-install cryptsetup (after "Select and Install Software") and then >>> editing crypttab, but to no avail. >>> >>> /D >>> >>> PS. I pivot like this, in case I'm missing something: >>> >>> mount root & boot devices in /target >>> for f in dev dev/pts sys proc; do sudo mount -B /$f /target/$f; done >>> chroot /target >>> >> Hello, >> >> In the file “/etc/cryptsetup-initramfs/conf-hook”, there is a line >> “CRYPTSETUP” which is commented and/or has the default value “n”. If >> this is the case, replace the line with “CRYPTSETUP=y”. So, the next use >> of the command “update-initramfs” should solve your problem if I >> understood it correctly. >> >> [...] > > Thank you! Cryptsetup is now in my initramfs. I am close, but there > still remains one issue. When updating the initramfs, I get: > > cryptsetup: WARNING: root target luks.root uses a key file, skipped > > But it doesn't use a key file. My cryptsetup is: > luks.root UUID=xxx pwd luks > > And my fstab contains: > /dev/mapper/luks.root / btrfs defaults 0 0 > > When I boot the system, I drop into initramfs. There, I can open the > root disk myself and continue the boot process. > > /D
Oops! It's not "pwd" in the crypttab, it's "none"! Works now. Yay, yay!! :) Thanks so much. /D
